Pipeline, November 2013
By: Jim Deerman
The virtual private network (VPN) represents an economical and efficient way for a company to communicate with remote employees, vendors and other partners by providing a secure method for those authorized users to access its corporate network.
That’s the good news. The bad news is that VPNs have a tendency to create a “weak link” in an otherwise secure system because they bypass some of the perimeter defenses that are trying to stop the bad guys from entering a corporate network. Opening a network for VPN access can expose it to opportunities for attack from state-sponsored cyberterrorists, hacktivists pursuing a political agenda or even basic hackers out to exploit every possible vulnerability of the network. VPNs can also serve as gateways for malware and advanced persistent threats (APTs).
Many questions must be asked. For example, can a company be certain that the other end of its VPN is secure? Access into a network requires a company to put its trust in the security of its partners and employees, so it needs to know if remote users have connected to the internet outside of the VPN and what to do if a remote user or office is compromised.
Jim Deerman is director of cyber security engineering for ISC8, a company actively engaged in the development and sale of intelligent cyber security solutions for commercial and government environments worldwide. Jim has over 30 years of extensive experience in network architecture, design and implementation. In his position with ISC8, Jim is heavily involved with network/system security, enterprise data networks, and VoIP networks.