Business CRM solutions, small business accounting software, supply chain management software and more at eIS Business Solutions
Home | About eIS | Contact eIS | Site Map
 eIS Solutions

 Solutions for Your
Industry

 Why eIS

 Success Stories

 Customer Resource
Center

 eIS Referral Program

 News & Information

 Resources

 Blog

 

 

 

The Five VPN Common Mistakes 
 
Is your Virtual Private Network (VPN) the weakest link in your network security? Network Security is currently a major concern of IT departments these days. Virus incidents are the most common problem on corporate networks, followed by worms. Some organizations think a VPN is a secure network, but let's not forget that worms and viruses can travel across an encrypted SSL or IPSec VPN, directly onto a network, unless something is in place to stop them. Therefore, complete end-to-end security is not a guarantee.

Security Mistake #1: Skipping Real-time Endpoint Security Monitoring - The first security mistake for most companies is skipping the real-time endpoint security monitoring, or deeming it as too costly. Most Virtual Private Networks are just that - a virtual, secure private communication channel that transports data from point A to point B, or typically from an end-user to a corporate network. Unfortunately, if point A is a computer with a virus or an improperly configured firewall, then a hole has been created in the company's network.

Security Mistake #2: Ignoring Spyware and Critical Updates - Viruses are a problem in businesses today. For this reason, we have outlined security mistake #2 as a critical point. A firewall is necessary, but because both spyware and operating system Critical Updates are much newer problems, they are the biggest loop holes in VPN security today. Companies ignore these problems, because they normally lack the tools to manage them.

Security Mistake #3: Leaving Critical Servers Accessible From The Internet - Another security area companies often compromise is leaving critical servers accessible from the Internet. This can be in the form of a web portal, Citrix or Terminal Server, web-based e-mail, or an external website for third parties. Each of these applications creates a hole in a company's firewall to a server running software that can have remote exploits.

Security Mistake #4 - Assuming Citrix & MS Terminal Server Eliminate the Need for Endpoint Security - The assumption that endpoint security is unnecessary when you have a Citrix or Microsoft Terminal Server deployed for remote access is another mistake commonly found in enterprises. Data is transferred, even if only in graphical format, to the end user's insecure PC. Moreover, file sharing and printer sharing are frequently-used capabilities, which also open up additional pipelines for viruses and worms to propagate onto a corporate network.

Security Mistake #5 - Expecting Employees To Never Use Untrusted PCs For Work - Companies assume if they give employees a laptop, set it up with antivirus, firewall, and all the latest patches, that the computer will stay up-to-date for the next several months. Not necessarily so.

What's the moral? Every computer that connects to a company network remotely is untrusted. Security is about getting every computer into a trusted state each and every time a user connects with the VPN, and then keeping it trustworthy for the duration of the session. When evaluating the security of your VPN, review information associated with the five most common security mistakes to avoid costly mistakes like security breaches or compromising private information. Compare alternatives, and select a solution that will fit your budget, your needs and your time frame. 
 

 
HOME | ABOUT eIS | CONTACT US | eIS SOLUTIONS | SOLUTIONS FOR YOUR INDUSTRY | WHY eIS
SUCCESS STORIES | CUSTOMER RESOURCE CENTER | eIS REFERRAL PROGRAM | NEWS & INFORMATION
ADDITIONAL RESOURCES | BLOG | SITE MAP

© 2007 eIS Business Solutions, Inc. All rights reserved.