Chances are you’ve got so many people who need access to your virtual private network (VPN) today, you’re probably wondering why they’re even called “private” networks anymore. While the user population will always include the traditional full-time employee using a company-issued device at the office, that population now includes a growing remote workforce (expected to make up 72 percent of all U.S. workers by 2020), as well as users who are external to the company, such as key trusted contractors. They may be using the VPN to access applications and other resources that live both in the cloud and on-premises, and they may be using a variety of devices—including their own personal mobile devices—to do it.
That’s fine as far as giving people the tools they need to work for or with your organization, but it also increases identity risk. How can you be sure the person who’s trying to access resources through a personal mobile device is really the employee who owns the device? Or that the contractor you’ve entrusted with access isn’t sharing that access inappropriately with others in their organization? A simple username/password combination doesn’t provide a high level of assurance that someone who wants to connect to the VPN is who they say they are and is entitled to the access they seek.
Tackling these challenges requires a fundamental transformation of secure access beyond passwords. Multi-factor authentication addresses today’s VPN access challenges, but it must be the right solution to provide the identity (Read more...)
*** This is a Security Bloggers Network syndicated blog from RSA Blog authored by Tim Norris. Read the original post at: http://www.rsa.com/en-us/blog/2018-07/mfa-for-your-vpn-3-keys-to-getting-it-right.html