A secure VPN is intended to create a protected tunnel between two trusted networks. VPNs secure the data in transit, but don’t necessarily secure the endpoints themselves. With more employees working from home, that raises the question: how secure are your at-home workers’ home networks? And if their home network isn’t secure, do they really have a secure VPN connection? The bottom line: hackers have begun to exploit VPN services used over home networks to gain access to business networks.
Sure, the traffic running through secure corporate and home network tunnels is encrypted, but if one of the two networks has been compromised by malware or other malicious files, it immediately becomes a security concern for the connected location. And since working from home has become the new normal for many companies, that means once the home network's security is compromised, that risk is extended to the other end of a software VPN – your corporate network. Also, since VPNs connect you to a remote network, they often leave the target network exposed to leapfrogging onto, or scanning of, other systems or networks that the user is not authorized to access. Cybercriminals are taking advantage of the increase in remote workers by exploiting secure VPNs to gain access to corporate networks, thanks to outdated software, subpar security practices, and even vishing to steal VPN credentials.
This risk grows exponentially with every separate home network that is used to access company data. 95 percent of cybersecurity breaches are due to human error, and your company can’t manage every employee’s home network, leaving a lot of room for human error. If employees are using personal computers with a business VPN, organizations lack the authority to manage those personal devices and are unable to secure the host or implement protective measures [1].
Cyber-criminals and hackers will infiltrate your company through your weakest link, like a remote worker’s home network, VPN or not [2]. Home networks have weaker malware defenses, and risk doubles for every user and connected device relying on that home network, like a spouse’s corporate connection or children’s remote education devices. In fact, 98 percent of all IoT device traffic is unencrypted, exposing personal and confidential data on the network [3]. So, when remote employees use their home networks for work, all of their networked IoT devices put your business VPN at risk, from security cameras and baby monitors to smart doorbells and even wireless printers [4]. This kind of lateral attack works because a hacker can gain access to a less sensitive network and then jump to a more critical network through the VPN, or even send malware from an infected machine on the home network, through the VPN connection, and onto your business network.
To summarize, here are a few key takeaways regarding how secure your VPN really is if it’s being used to connect a remote worker’s home network to a corporate network:
- VPNs Can Only Secure Traffic Between Trusted Networks: The home network was not built to protect sensitive data; it was built for speed and easy access for its users. Smart devices like thermostats, TVs, gaming systems, smart switches, and the myriad of other connected devices all become a vulnerability that extends to the corporate environment when a device is connected via a secure VPN. The computer used for work is connected to the same network, which has no security appliances or policies in place to protect it.
- VPNs Can Cause Performance Issues: Another concern with VPN tunnels is that they rely on the corporate office to connect to the internet. This creates application performance issues that impact the end user’s experience and business efficiency, and could ultimately impact your bottom line. For example, in today’s remote work environment, video calls and VoIP calls carried over the VPN can suffer unwanted latency and jitter, leaving users, clients, and associates with a poor experience.
- Managing VPN Complexity: VPNs can be deployed via software or by physical security appliances in the corporate network. It’s one thing to manage VPN connections across corporate-owned devices, but if remote workers are not only using home networks to connect via VPN but are also using personal devices that can’t be accessed or controlled by your IT staff, the complexity rises to a whole new level. You’re now trusting those devices and networks to be secured to your standards so they don’t open up security risks for your business.
The Solution? SimpleWAN @Home
SimpleWAN @Home is built with a Zero Trust architecture in mind. This provides an edge device that separates corporate connected devices away from the unsecured devices that run over the home network.
Normally, this can be done in one of two ways. One is by creating VLANs within the home network, the second – and more secure option – is to physically separate the corporate connected device away from the home network completely. SimpleWAN @Home does both.
First, leveraging the end user’s internet connection, SimpleWAN @Home empowers IT teams to create VLANs that virtually segment the “home traffic” from the “work traffic”, and then creates network-level firewall rules to enable security posturing within the home environment. In other words, it gives you the ability to manage your defenses and protect your enterprise from cyber-attacks even from within your remote employees’ homes.
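The segmentation idea above can be checked mechanically. The following is an added example, not SimpleWAN's code or configuration: it evaluates first-match firewall rule sets against the home-to-work lateral flows described earlier and flags isolation rules that an earlier broad allow makes ineffective. The subnets, rule sets and probe addresses are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

# Constructed addressing plan (assumption; not taken from the page or any product).
HOME = ipaddress.ip_network("192.168.10.0/24")  # IoT and family devices
WORK = ipaddress.ip_network("192.168.20.0/24")  # corporate laptop, VPN client
ANY = ipaddress.ip_network("0.0.0.0/0")

@dataclass(frozen=True)
class Rule:
    action: str  # "allow" or "drop"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network

FLAT = [Rule("allow", ANY, ANY)]  # typical unsegmented home router
SEGMENTED = [Rule("drop", HOME, WORK), Rule("drop", WORK, HOME),
             Rule("allow", HOME, ANY), Rule("allow", WORK, ANY)]
# Same rules, but a broad allow was placed above the isolation rule.
MISORDERED = [Rule("allow", HOME, ANY), Rule("drop", HOME, WORK),
              Rule("drop", WORK, HOME), Rule("allow", WORK, ANY)]

# Constructed probe flows for the lateral paths the article describes.
PROBES = [("camera -> work laptop", "192.168.10.50", "192.168.20.10"),
          ("work laptop -> printer", "192.168.20.10", "192.168.10.60")]

def decide(rules, src, dst, default="drop"):
    """First-match evaluation with a default-drop fallback."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if s in r.src and d in r.dst:
            return r.action
    return default

def isolation_violations(rules):
    """Names of home<->work probe flows the rule set lets through."""
    return [n for n, s, d in PROBES if decide(rules, s, d) == "allow"]

def shadowed_drops(rules):
    """Indexes of drop rules fully covered by an earlier allow rule."""
    hits = []
    for i, r in enumerate(rules):
        if r.action == "drop" and any(
                p.action == "allow" and r.src.subnet_of(p.src)
                and r.dst.subnet_of(p.dst) for p in rules[:i]):
            hits.append(i)
    return hits

if __name__ == "__main__":
    for name, rs in [("flat", FLAT), ("segmented", SEGMENTED), ("misordered", MISORDERED)]:
        print(name, isolation_violations(rs), shadowed_drops(rs))
```

The misordered set shows why rule order matters as much as rule content: the drop rule is present, yet the camera can still reach the work laptop.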
The second way we provide a Zero Trust Architecture is by providing the SimpleWAN @Home device with an LTE connection. This solution connects via a wireless 4G connection instead of the home network while prioritizing traffic over the cellular connection. This solution physically removes any connection to the home network, providing a more secure way to connect the remote workforce.
SimpleWAN @Home provides everything you need to extend telework security to the home office, bundled into one simple plug-and-play. Within minutes, your remote workforce can isolate work traffic from the home network, improving application performance, and addressing security gaps. All of the tools you are already paying for and managing, bundled as the most comprehensive enterprise telework security network management solution. What’s not to love?