![]() ![]() Here are some key characteristics to look out for when assessing your VPN client: After all, the VPN client is the software your staff will be using to connect to the company network, so it's extremely important that it's up to date and well maintained. Remotely update the PSK and push changes to connection users in seconds 7. Assess your VPN clientĪs well as using the security audit to check your VPN gateway is up to date, it's also a great opportunity to assess your VPN client. Worrying about the knock on effect for the rest of your users? With VPN Tracker TeamCloud, you can update the PSK (as well as any other connection settings) and sync changes to your team in seconds - with no enduser action required. This also takes place on the VPN gateway and is a simple way to freshen up your VPN's overall security scorecard. 6. Update Pre-Shared KeyĪnother password which you could review during your audit is the pre-shared key (PSK) or shared secret for your connection. For an extra layer of security, consider requesting a periodic VPN password change from all staff members. Generally, best practise for passwords is to opt for a longer password with a mix of upper and lower case letters, as well as numbers and symbols.Ĭheck your VPN gateway settings to see which password requirements are in place and optimize them as necessary. Google Authenticator, FortiToken, Duo, etc.) and get this configured for your connection. If you have not done so already, use your audit to explore the 2FA methods provided by your VPN gateway (i.e. by SMS or email) before access is granted. However, 2FA adds an extra layer of protection in requiring another form of verification (e.g. Previously, if a user's VPN password was leaked or compromised, this meant game over for your network's security. Two-factor authentication (2FA) is becoming increasingly important as a measure to rule out external threats caused by hacking, phishing, social engineering, etc. one login for multiple users) or generic connections and to instead ensure all VPN users have their own individual accounts. For this reason, it's also best practise to avoid shared accounts (i.e. Given the sensitive nature of a VPN connection, it's important to know exactly who has access. Tip: VPN Tracker TeamCloud enables team managers to remotely revoke VPN access in one click and ensure only the right individuals have access at all times. Have any team members left since the last audit? Have departments shifted? Use this time to remove any user accounts from your gateway which no longer require VPN access. Choose the highest possible encryption settings supported by your gateway 3. Ensure VPN users are up to dateĪ VPN audit is also the perfect opportunity to monitor and review VPN users. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |