VPNs are jeopardizing the security of your business

The Risk.

The issue with corporate VPNs is that while they protect data traveling between a personal computer and a business, they create a huge vulnerability for businesses. The issue for businesses is that VPNs do not secure data before it starts its trip, nor do VPNs secure the computers on each end of the tunnel.

Most organizations allow their teams to access corporate email, applications and data via web-based services which are established by VPNs. While these technologies are great for accessibility, they create a real security concern. Most VPNs allow providers to screen traffic before it gets to a computer and hides a user’s information including location, IP address, Computer Type, etc. The problem is that hackers utilize proxies to bypass these protections. Often hackers will use proxies to hide themselves between “well known” or trusted locations, like personal computer, to mask their identity.

Defining a VPN.

VPN is an acronym that stands for Virtual Private Network. Traditionally, a VPN is used to create a “secure secret tunnel” between two computers or between a PC and corporate data, corporate servers, or corporate applications.

Recently the term VPN has been associated with creating a proxy between a computer and the internet. These VPNs allow providers to screen traffic before it hits your computer and hide your information including location, IP address, Computer Type, etc. Hackers use proxies, many proxies hide themselves between “well known” or trusted locations. Most hackers, hack into personal computers to use them as proxies to mask their identity.

When and why you should use a VPN?

Consumers should use VPNs on their phones and computers to screen the data coming to them over the internet. Businesses should not use VPNs to allow users to connect to their corporate IT environment.

1. Anyone using the internet should either have a sophisticated firewall between them and the internet or use a VPN/Proxy service to protect themselves.

2. Only highly trained professionals should use VPNs to secure networks and communication between corporate computers.

In Practice:

Let’s assume that all of the corporate sessions are highly securitized—airtight even. However, one user clicks on bait via Facebook or their email (say it’s advertising the fountain of youth). That bait injects a small 15-character piece of malware onto the browser. Now, all the organization’s corporate data is at risk, because that small piece of malware is logging keystrokes and sending usernames and passwords back to the hacker.

Similarly, let’s say a user’s home computer has not been updated in 3 years, and is not running anti-malware software. Now, this user has connected their infected personal computer to your corporate VPN, this will enable hackers to have a trusted secure secret tunnel from that user’s computer to your corporate network.

Why TetherView?

With TetherView establishing VPN connections becomes a thing of the past. Connections are highly securitized from a single location and monitored 24/7/365. Additionally, TetherView’s Virtual Desktops enable a faster, more consistent connection than most providers. Moreover, TetherView eliminates local end points as a potential vulnerability to your organization.

https://tetherview.com/vpn-risks/