Why VPNs Alone Won't Protect Your Remote Employees

As organizations were forced to let employees work from home during the pandemic, many turned to VPN services so that staff could connect to corporate networks remotely. Cybercriminals were aware of this and began to exploit VPNs to gain access to corporate networks. Attackers used outdated software and poor security practices to get into organizations' VPNs, and they also began using voice phishing to steal remote workers' VPN credentials. To learn more about how companies can ensure secure access while working remotely, TechRadar Pro spoke with Tony Howlett, CISO at SecureLink.

Where do VPN services fall short when it comes to giving employees access to corporate networks?

VPNs are designed to protect data in transit, not necessarily to protect endpoints. VPNs also only provide the connection, so they do not provide credentials to servers or hosts, which therefore must be transmitted and managed separately. Finally, since VPNs connect you to a remote network, without proper segmentation, this often leaves the target network vulnerable to being scanned or bypassed to other systems or networks for which the user is not authorized.


How can cybercriminals use a VPN as a route for secondary attacks?

Since most networks are not properly segmented, hackers who gain VPN access to a less sensitive network can often access more critical networks where things like payments, accounting, development, or other more sensitive systems reside. Additionally, users working from home can often have malware infecting other machines on their home network (i.e., kids' and/or spouse's machines) to attack their VPN endpoint and then move through this connection to the company network.

Can you tell us more about Vendor Privileged Access Management (VPAM) and the benefits these solutions offer that VPNs don't?

VPAM provides transport and access to the system in a single solution. It proxies the connection so that there is no native network connection, avoiding the aforementioned lateral movement. Additional least privilege controls can be applied, binding the use case to specific application ports and even time frames. The system integrates with Privileged Access Management (PAM) systems so that actual login information is stored in an encrypted vault and is never seen by the provider's user. Lastly, it provides a high definition audit where actual mouse movements and keystrokes are recorded for monitoring and auditing purposes.

What factors does your platform use to decide when to revoke a user's privileges?

The beauty of our VPAM system is that it can be linked directly to a provider's directory service, so that once the provider's employee is laid off, they no longer have access to the client's systems. This automates the removal of users when they are no longer authorized and allows for near real-time termination of rights.


What is least privileged access (LPA) and how does it prevent users from receiving more privileges than they need?

Least Privilege Access ensures that access levels and rights are based on a user's title and what they need to do their job. In other words, it provides just the right amount of access, no more, no less. When a provider user is configured in SecureLink, they are given a token connection profile that only gives them access to the specific networks, servers, and application ports that they need to do their job. Unlike VPNs or desktop sharing tools, they just don't have direct access to the underlying network to explore or exploit further.

What prompted your organization to create the SecureLink platform in the first place?

The increasing number of services that companies outsource to third parties and the risk these connections pose to a company's systems and data. In addition, the fact that many providers require some type of privileged access increases the risk and damage that a hacker can do with these types of connections.


Have you had to change your platform to support remote workers in addition to remote suppliers and subcontractors? What lessons has your organization learned from the pandemic?

We did not have to change platforms to support internal collaborators since our main use cases are specifically focused on the access granted to the networks to third parties (subcontractors, suppliers, etc.). However, many of our customers have been able to quickly and easily switch to using SecureLink for remote access by their remote employees. While internal access needs are often different, we were able to use the SecureLink platform to support this use case and help them navigate the crisis. Thanks to this pandemic, we have learned a lot about the importance of our product and our platform. Even though there is a pandemic for all of us, hackers or bad actors are not going to stop trying to infiltrate networks due to COVID-19.

Are you currently working on new products or services to facilitate remote access for businesses?

We just launched a cloud option so customers don't have to host their own SecureLink server. We are very excited about this as it provides a turnkey solution that can be quickly implemented. Since SecureLink hosts the device, organizations don't have to worry about ongoing updates, monitoring, or patching. SecureLink manages all of these components to free up time and bandwidth for IT teams.