We Continue our Security Awareness Training by addressing some of the most common challenges for organizations who have suddenly found their workforce remote and having to connect to corporate systems.
Our focus will be to help you better understand the different ways users can remote into systems and the difference between accessing these at the office vs at home, let’s get started!
Let’s begin by addressing the ways we can access our systems remotely.
The two methods we will be addressing are VPN (Virtual Private Network) and RDP (Remote Desktop Protocol)
Using a VPN allows user’s or sites to securely connect to the network allowing them to access servers (drives and folders), protecting private information and extending the business network to the home user over the internet. VPN is the more secure option of the two methods we discuss today.
How does a VPN work? A VPN Routs your device’s internet connection through your chosen private server/ system rather than your internet service provider (ISP), so that when your data is transmitted to the internet it comes from the VPN rather than the device. It acts as an intermediary when connecting to the internet, creating an encrypted “tunnel” hiding your IP address (the numbers your ISP assigns to a device) which helps protect your identity. If your data is somehow intercepted, it will be unreadable until it reaches its destination.
Types of VPN’s include:
Standalone VPN is the most used at home or for small businesses, it typically uses an application which creates the encrypted connection to the private network.
Corporate VPN is a custom-built connection the corporate IT staff, or an MSP creates using both an application and a password and is personalized to fit the level of security the company defines.
Browser extension VPN’s are another option which works through something like Google Chrome, Firefox, etc. Browser extensions will work when using that browser only, other applications will not be protected. This VPN method does pose vulnerabilities as it is not covering the whole system and depending on the browser VPN solution have been known to leak IP addresses. Be wary when using browser extension VPN’s and only choose reputable companies by reading reviews and fine print regarding the security of the solution you are considering.
Router based VPN is also another option and is a good choice when wanting to protect several devices without having to setup VPN’s on each device. You can use this solution to keep it simple and sign in only one time to protect the devices which many people like. The router does need to have VPN capability, so read carefully if deciding to go this route. Some routers VPN solutions come ready to support VPN out of the box with little technical skills which is great for the non-technical at home user.
RDP is another way a user can connect to the corporate device (computer, laptop, etc.) through the network firewall. There are security risks for RDP as the user is essentially exposing a path into the corporate network and risks exposing the corporate computer they tether into. Hackers have become very creative in using the internet to access computers, and this is why we also covered Passwords (see session 2 for more info on how to create strong passwords) as this is the main way Hackers are gaining access through this methodology. RDP is commonly used for people who do not have a device they can easily take home.
Screen Connect (or ConnectWise Control) is another option for connecting remotely and one that PCS uses for remoting into systems while remediating technical issues. Screen Connect or “ConnectWise Control” enables the ability to choose the process which suits the technical team best. The connections are private so users can safely connect using “end to end” 256-Bit SSL encryption. SSL (Secure Sockets Layer) is a networking protocol that secures connections between web clients and servers while accessing over the internet. This method provides compatibility for secure “cross-platform” access.
Our office environments have changed and understanding how and what remote solutions to use are more prevalent than ever before. If you have a device that needs to stay at the office we recommend using RDP coupled with a VPN connection as it will give you the best of both worlds!
We hope this has been helpful, please continue to look for our follow up in the Security awareness series with topics to include: Recognizing a threat, DNS resolution, Backup and more!
PCS Managed Services strives to provide a Stable, Secure, and Productive environment for its clients, and is here to help you! For more information, please call us or email us at sales@pcs-ms.com for more information on how we can help better protect you.