Since businesses started shifting to remote work due to COVID-19, OXEN has seen a sizeable uptick in requests for purchasing and implementing VPNs for at-home workers. You’ve probably seen that a Virtual Private Network (VPN) connection is often recommended for securely working from home while accessing company resources.
So what’s a VPN for in this context, and do you need one? If you’re a business manager, do you need a VPN connection for every employee who’s now working from home? Read on for our tips.
What Is a Virtual Private Network?
VPN stands for “Virtual Private Network”. It creates a private network from a public internet connection. It establishes a secure, encrypted connection between point A (in this case, your home network or internet connection) and point B (your company’s network). Traffic and data transferred between the two are now encrypted and no one can easily “eavesdrop”.
People often think of a VPN as a way of masking your identity and location online. It’s recommended for anonymity if you don’t want someone tracking your online activities. For example, a VPN can mask your browsing history from your internet provider or services targeting you for ads based on your activities.
However, for business use a VPN is necessary for a more secure connection that protects sensitive data transfer. You need this if you are accessing resources at your company’s location – for example, if you want to:
- Access files on your company’s file server.
- Remote into a server to use an application hosted there.
- Remote into your own PC in the office to use it like you usually would.
Do You Need a VPN Connection?
Does every single remote worker need a VPN to connect to your office network from their home? Possibly not. You should absolutely consider a secured connection for any work involving transferal of sensitive or confidential information. But don’t jump straight to a VPN setup if your work can be done entirely on a single machine – that is, you have all your applications installed or accessible via the cloud. A VPN is necessary if you need remote access to a special program or data that isn’t locally hosted on your machine or isn’t a cloud service.
What security best practices should you ensure before implementing a VPN?
Your first step before implementing a VPN is to make sure that your (or your employee’s) home office network and environment are locked down.
- The home Wi-Fi network should be encrypted, and the router, modem, and other network devices should be secured with strong passwords and encryption as well.
- Work PCs, laptops, tablets, and phones should be password protected and only used for work, not for personal use. Do not use work devices for personal internet surfing just because the laptop or PC is in the house.
- If employees are taking their work computers home, Windows Firewall should be turned on and locked down. The hard drives should also be encrypted in case the PC is stolen from the home.
If you are ready to set up a VPN connection, keep in mind these tips as well:
- Employees’ personal computers should not be used to VPN into the office network. Personal devices typically don’t have the same level of security protection as business-grade devices, and they could already be infected or compromised. A virus can spread from a personal home computer through a connection to the office network.
(Note: If your employees must use personal computers, improve their security by licensing and installing anti-virus and anti-malware solutions that are recommended for business use.)
- Remember the principle of “least privileged access”. VPNs should be specifically configured to only allow the required resources needed for the employee. For example, if they only need to remote into their work PC, then configure one port open to one IP address. The employee doesn’t need to have access to the whole network through the VPN.
- Use two-factor authentication to deter hackers who want to get in. A VPN is a way into your network that bypasses the firewall. Make sure that this entry point is as secure as can be!
How do you acquire a VPN connection?
If you’re an employee, you should ask your IT support team if they already have VPN capability and can set you up. If not, acquiring and setting up a VPN can be done through your IT support provider. You’ll purchase a subscription or license that allows a certain number of connections or users. Then you’ll download and set up the software or app for the service onto your devices. Once configured, a VPN service is mostly set-it-and-forget-it.
There are many factors to consider when choosing a VPN provider. At OXEN, we recommend setting up VPN connections through a SonicWall Next Generation Firewall. If you already have a SonicWall firewall, you can simply acquire the appropriate licensing for the number of VPN clients you need.
Not sure about a SonicWall Firewall? Reach out to us and one of our experts can discuss the right option for you! There are many third-party apps available, as well as other ways of connecting to remote services that may work for you.