Safeguards

VPN

What is a VPN?

A VPN (virtual private network) is an encrypted connection that lets staff working away from the office dial into the company network. Traffic travels through a protected channel and stays unreadable to third parties along the way. The route opens only after a successful login.

The reason for a VPN is ordinary working life: home office, field service, a building site, hotel Wi-Fi, a glance at the order list from a laptop at the kitchen table. Where a service is exposed directly to the internet for that purpose, the door stands open to anyone who finds it. A VPN keeps the server invisible to the internet, and only someone who logs in to the VPN reaches the company network.

The word VPN is used for two different things. For a business it means the corporate VPN, the secured route your own people take into your own network. The heavily advertised VPN services for private users conceal a home IP address while browsing and serve a different purpose. When remote access to the accounts system is under discussion, the corporate VPN is what is meant.

A VPN account is a master key to your network and deserves to be treated as one. Every account belongs to a named individual, because shared accounts used by several people make later traceability impossible. Every account is protected with two-factor authentication, meaning a second proof of identity alongside the password, such as a confirmation on a mobile phone. Accounts of departing staff are disabled on their last day. And the VPN device itself is reachable from the internet, which is why its security updates deserve prompt installation.

Someone connected through the VPN should reach precisely the systems needed for the job. An account that opens the entire network turns an infected private laptop in a living room into a problem for the accounts department. Network segmentation, meaning the division of the network into separate zones, together with a permissions concept, meaning a written record of who may access which data and systems, limits how far a compromised account can travel.

The first sensible step is a list of every VPN account with one question attached: who owns this account, and does that person still work here? Two-factor authentication and logging follow, so that it stays traceable who connected, when and from where. The IT-Check records how remote access to your network is set up and which routes stand open from outside.

All terms in the knowledge base

From the term to practice

Where does your business actually stand?

The IT Check reviews your IT across 8 audit areas with more than 100 individual checks and delivers documented findings with a prioritised action plan. From 1,299 € excl. VAT. The first call takes 20 minutes and carries no charge.

Book a first call