A recent Cybersecurity Strategy report released by the government stated that current IT strategies aren’t working to keep organizations safe. One of the ways that cybersecurity is failing is that employees often provide criminals access to their company network by unwittingly using their devices in unsecure environments.
While using a work device to surf the web, even on personal time, cybercriminals can access the device. This gains them a foothold which then allows the hackers to jump into any open program or network. This is why a corporate VPN is a necessity for everyone who travels for work. However, those who simply access the internet when away from work should also have a personal VPN.
What is a VPN?
A VPN – or Virtual Private Network – allows a user to create a secure connection to another network over the Internet. VPNs are generally utilized to shield browsing activity on a public Wi-Fi network, such as in a hotel, airport or coffee shop.
Companies who allow users to have access to business networks on personal devices – which is seemingly all business entities these days – should supply their employees with a personal VPN.
You can provide a corporate VPN for all work related activities, but these often restrict access to certain types of websites for employees. Because employees want and deserve privacy in their downtime, using the corporate VPN for their personal internet use is less than optimal. They may not even be able to access sites restricted for business use (such as social media sites), so they may shut off their corporate VPN when they go onto personal time. However, when they do so, they are far more likely to be hacked. Not only does their personal information become easy prey – but access to their corporate accounts does as well.
Even though most are aware of the dangers of free and open wifi, sometimes the ease and accessibility is just too hard to resist. In fact, according to a recent Pew Research study, only 29% of users utilize a VPN for personal use.
Why Your Company Should Provide a Private VPN
You may assume that your responsibility ends at providing a corporate VPN, and a personal VPN is up to your employees to acquire. However, it is in your best interest as a corporation to pay for both.
Let’s assume that your employees are using public, unsecured networks to do their banking or to post on social media. There are several things that could go wrong in this scenario:
1. Cyber criminals could access compromising personal information and use it to blackmail users into giving access to business accounts.
2. Hackers could access files that were downloaded for business purposes but saved on the device.
3. Hackers can gain access to personal passwords and use them to try to access corporate accounts. It is a well-known fact that most people use the same passwords for personal and corporate accounts. (If you have not installed a strong password protocol on your network, you should do so.
If you think that the risk of something like this happening is low, you are mistaken. Cyber criminals spend a great deal of time doing reconnaissance to collect information, and the results can be destructive for your business. This is especially true if your organization does business overseas and is working in certain countries where it is legal for the government to spy on people. Corporate secrets are a highly prized target. Again, it does not matter if your employee is in these countries or locations for leisure travel – the criminals look for any weakness onto the device, and go from there.
While installing corporate and personal VPNs on devices is hardly a comprehensive solution to the problem of corporate espionage and data theft, the practice is a good place to begin. By paying for these protections as a corporation, you can help to prevent inadvertent access granted by your employees.
For more information and ideas on how to protect your network, contact Alliance IT. We have the experience and expertise you need to protect your network from the latest in cyber criminal attacks.