VPNs and desktop sharing slow you down and put you at risk
When you think about providing remote access to your network, VPNs and desktop sharing are the two most frequently used methods. VPNs are great for allowing access to local resources, but they present challenges for access for third-party vendors. Similarly, desktop sharing tools like WebEx and GoToMyPC provide remote access for end-users, they also create challenges for remote vendor access. Desktop sharing tools lack the stringent security controls required by highly regulated industries, like healthcare, legal, retail, and financial services.
Here are some ways in which VPNs and desktop sharing can hinder your business processes:
- VPNs are one of the most common ways hackers enter networks: The more servers, applications, and network equipment that your third-party vendors can access, the more you have at risk. But with a VPN, they can access it all. One of the easiest, most common, ways a malicious hacker enters a network is through a third-party connection—in fact, 59% of all companies have experienced third-party data breaches. Deploying a VPN for your third-party vendors is essentially an open invitation for hackers to enter your network.
- There’s no third-party vendor accountability: VPNs don’t offer a granular audit function, so you can’t monitor and record every movement of every person utilizing the VPN, making the VPN an ideal place for hackers to enter your network. And without access to historical information, in the event of a breach due to a third-party vendor, you can’t prove which third-party created the issue.
- You can’t create or enforce policies to protect your credentials: Third-party vendors can have numerous practices that you can’t control – practices that create many opportunities for malicious hackers to enter your network, such as sharing credentials with other workers or reusing weak passwords from personal accounts that are easily hacked or exploited. And the threat is very real: 62% of network intrusions involve compromised credentials.
- The more secure your VPN is, the less productive your workforce is: While VPNs increase security, connection speeds and application performance can decrease due to a variety of factors. It takes time for VPNs to encrypt the data—and the higher the level of encryption you use, the more time it will take. And other factors, such as server location and server bandwidth, can also reduce speed. The result can be slow application performance or even lack of application access, impacting workforce productivity and customer service quality.
- High support costs of VPNs increase the cost of doing business: With VPNs, there’s no centralized remote management. So, without the ability to deploy, monitor and manage all of your connections from a remote location, your support personnel will spend a lot of time and money supporting the VPN. In addition, third-party vendors may frequently lack the in-house technical support to help with everything from initial setup to everyday issues. You might even need additional resources at your help desks to assist users.
- Desktop sharing authentication is minimal: Desktop sharing tools are great for collaboration, but they allow employees to surrender control of their desktop with minimal authentication. Worse, when it comes to third-party access, these tools may force vendors to bypass their own authentication structure.
- Desktop sharing does not provide strict access control: Desktop sharing does not provide the necessary support to limit access to web servers, databases, and business applications. This creates network vulnerabilities that can be exploited by hackers.
- Desktop sharing does not require sessions to be recorded: While most desktop sharing tools allow sessions to be recorded, this is rarely enabled. To be secure, these sessions should be recorded and include a complete list of activities of each individual participant.
- Desktop sharing has a limited audit trail: To ensure compliance and accountability, audits should include details of files transferred, chats, session recordings, attendees, and other contextual information.
Remote access is critical to any enterprise. However, not all remote access platforms are created equally. Access granted to employees that work offsite is very different than access provided to third parties or vendors. Security is essential in both types of access, but managing remote access for external players should include increased protection protocols and dedicated connection tools. Vendors require remote access to support their technology on their customer’s networks. Many companies use either VPNs or RDP. VPNs provide encrypted access between a remote user and your network. With desktop sharing software, you can gain access to a remote computer—like a mirror image of your computer for use at home. With RDP, you can access your files and use capabilities on that remote computer. A VPN only provides access to the network. While desktop sharing provides access and a VPN provides some level of security, neither are seamless or secure when it comes to third-party remote support. These options solve different problems, but it’s important that you use the right tool for the job to ensure security and regulatory compliance.
The VPN exposure
An enterprise that provides its third-party tech vendors with remote access through a VPN will find those vendor support reps with more access than they need. Furthermore, VPN credentials are easily shared, leading to unwanted, unknown users with access to sensitive systems. Sharing credentials is a critical element to consider when deciding on what tool to use for remote access. For a large company, it is difficult to track the employment status of a vendor’s entire support team. When an employee or contractor no longer works for a vendor, if VPN credentials are shared that former employee could walk out the door with access to your network. Now, don’t get us wrong– VPNs have a time and place at many businesses. In fact, we use them here at Imprivata all the time. If I, or any internal employee, need to connect back to a server or network, we use our VPN to do just that. So, VPNs are great for internal employee access, but aren’t made for external vendors.
Desktop sharing limitations
Desktop sharing tools do provide fast access; however, when it comes to third-party remote access, efficiency and security can get lost. For example, technology vendors frequently need to access a client’s computer. If the client allows unattended access, security is compromised. If the client decides to manage security and provide only attended access, a work slowdown for both parties often occurs. In other words, simple desktop sharing tools do not provide granular access controls to provide the level of network security needed for vendors and third parties.
Invest in vendor access management
With both VPN and desktop sharing, the basic auditing provided usually doesn’t meet the requirements for regulated industries (like HIPAA and CJIS). In addition, they don’t give you a complete view of who is accessing your network and exactly what systems or files were sourced. In other words, if something bad happens (like a data breach or ransomware attack) and the hacker or bad actor got access through a vendor login, you have no way to track that back to the actual vendor. Instead, using and investing in a single, secure platform solves the problems created by VPNs and desktop sharing while still giving you fast, secure access. Find a platform that serves both enterprise and technology vendors that make secure remote access a reality. Vendors want fast and secure access without the burden and liability of managing multiple network credentials. Remote support is simple and secure while providing enterprises with complete visibility and control of who is on their network and where they go. Ready to see if your VPN is worth the security risk? Download our helpful and interactive checklist to see.