The Dos and Don’ts of Using VPNs for Remote Workers

When employees work from home, they often need to access files and applications housed on their employer’s network. An easy and secure way to provide such access is through a virtual private network (VPN).

VPNs essentially create a secure, encrypted “tunnel” between an employee’s remote connection and the company network, preventing data sent over the VPN from being intercepted by cyberthieves. VPNs designed specifically for businesses also offer additional features and controls that are valuable to companies with remote workers. That said, how a business sets up and protects its VPN access will largely affect how securely and efficiently employees can use it.

Here are three important things to do—and three things not to do—when providing VPN to employees:

DO:

Shop around

Every business VPN software has different features and controls, so it’s worth spending some time comparing the features and security protocols to choose the one that’s best for your company’s needs.

Keep software up to date

Set your VPN software to automatically update when new versions are available. “Make sure the software is updated both on the user’s computer and the company’s server,” says Dustin Bolander, chief information officer at Clear Guidance Partners, a technology strategy and services firm in Austin, Texas. “VPN vulnerabilities are constantly coming out, and hackers regularly scan for them. This is a gateway into your network so it must be kept secure.”

Have fast internet connections

VPN consumes significant bandwidth on both the company’s internet connection and the employee’s home internet connection due to the encryption process. Therefore, you’ll want to make sure to have high-speed internet at both locations. “We always recommend companies using VPN get the top-tier business internet connection from their provider,” says Trave Harmon, CEO of Triton Computer, a Worcester, Massachusetts, managed IT provider. Likewise, check that remote workers have an adequate internet connection at home so that using VPN doesn’t hinder their productivity.

DON’T:

Provide access via personal devices

Personal devices are more likely to be exposed to malware or possess other vulnerabilities, because they generally don’t have the same level of antivirus protection as work-supplied devices. “You don’t want the user to use the VPN software on their home computer,” says Morey Haber, chief technology officer for BeyondTrust, a privileged access management firm in Johns Creek, Georgia. “The business should give supportable equipment to the end user.”

Allow weak passwords

Make sure the passwords your employees use to access the VPN are unique and include special characters, Haber says. Passwords should also be long and complicated to reduce the odds of hackers guessing them. Providing employees with a password manager can make the creation and recall of long and strong passwords more manageable.

Rely solely on passwords

Instead of just asking for a username and password to access the VPN, require employees to supply additional credentials such as a one-time passcode sent to their smartphone, a security question answer or a fingerprint. “Multi-factor authentication [MFA] stops the vast majority of attacks against a user account,” Bolander says, by preventing a cyberthief who has stolen a password from being able to access the account. Many VPN software programs have MFA as a built-in option, but you have to activate it.

Spectrum Business Internet offers a range of high-speed internet plans to help employees efficiently connect to VPN. We can help you determine which plan is best-suited to your needs. Contact us at 855-299-9353.