Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security

2/22/2019
12:30 PM

6 Tips for Getting the Most from Your VPN

VPNs are critical for information security. But simply having these cozy security tunnels in the toolkit isn't enough to keep an organization's data safe.
2 of 7

VPN Everywhere
It seems almost too obvious to state, but best practices are like that: If a device doesn't have a VPN client installed, it won't be protected by a VPN. If you want to protect all of your network communications, install VPNs on all your devices.
Most IT teams understand that laptop computers that leave the office should have a VPN installed, but does that understanding extend to desktop computers? If they're using Wi-Fi for their network connections, then they should definitely have a VPN in place. And so should the devices that connect via cellular network.
It's true that it's illegal to eavesdrop on a cellular connection. It's also true that cellular networks are encrypted. But neither mean it's impossible to hack a cellular connection. VPN clients are available for every smartphone platform, so use them. Make it a policy to have a VPN on every network interface, and it will simplify the decision-making process for where it should be installed.
(Image: Evgeny - Adobe Stock )

VPN Everywhere

It seems almost too obvious to state, but best practices are like that: If a device doesn't have a VPN client installed, it won't be protected by a VPN. If you want to protect all of your network communications, install VPNs on all your devices.

Most IT teams understand that laptop computers that leave the office should have a VPN installed, but does that understanding extend to desktop computers? If they're using Wi-Fi for their network connections, then they should definitely have a VPN in place. And so should the devices that connect via cellular network.

It's true that it's illegal to eavesdrop on a cellular connection. It's also true that cellular networks are encrypted. But neither mean it's impossible to hack a cellular connection. VPN clients are available for every smartphone platform, so use them. Make it a policy to have a VPN on every network interface, and it will simplify the decision-making process for where it should be installed.

(Image: Evgeny Adobe Stock )

2 of 7
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
nikan70
50%
50%
nikan70,
User Rank: Apprentice
3/18/2019 | 3:15:56 AM
Re: VPN on your router
Love what you're doing here guys, keep it up!
TerazTVSeriale
50%
50%
TerazTVSeriale,
User Rank: Apprentice
3/16/2019 | 8:52:46 AM
Re: VPN on your router
Great tips. Thank you very much!

 

------------

rajstopy do małej  czarnej
DanielN212
50%
50%
DanielN212,
User Rank: Apprentice
2/27/2019 | 9:49:54 AM
Re: VPN on your router
VeePN definitely has an option for routers
Mtony
50%
50%
Mtony,
User Rank: Strategist
2/22/2019 | 7:57:32 PM
VPN on your router
Legit, I think the best thing you can do is install a VPN on your router. I know from experience that ExpressVPN has their own router apps, I think Nord may also.
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11509
PUBLISHED: 2020-04-07
An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for WordPress allows remote attackers to upload page templates containing arbitrary JavaScript via the c37_wpl_import_template admin-post action (which will execute in an administrator's browser if the template is used to create a page).
CVE-2020-6647
PUBLISHED: 2020-04-07
An improper neutralization of input vulnerability in the dashboard of FortiADC may allow an authenticated attacker to perform a cross site scripting attack (XSS) via the name parameter.
CVE-2020-9286
PUBLISHED: 2020-04-07
An improper authorization vulnerability in FortiADC may allow a remote authenticated user with low privileges to perform certain actions such as rebooting the system.
CVE-2020-11508
PUBLISHED: 2020-04-07
An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for WordPress allows logged-in users with minimal permissions to create or replace existing pages with a malicious page containing arbitrary JavaScript via the wp_ajax_core37_lp_save_page (aka core37_lp_save_page) AJAX action.
CVE-2013-7488
PUBLISHED: 2020-04-07
perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to cause an infinite loop via unexpected input.