How to secure a corporate VPN.

Even before COVID 19, in 2019, hackers were mainly targeting corporations, resulting in an increase of 2000% of attacks against industrial IT systems and corporate applications (source: IBM X-Force Threat Intelligence Index 2020).

According to the IBM report, 8.5 billion data records were compromised in 2019, which represents an increase of 200% from 2018. The total cost for corporations due to hackers and ransoms reached USD 7.5 billion in 2019.

In a hyperconnected world, the COVID 19 pandemic has resulted in an exponential growth of remote connections from employees in 2020.

Remote corporate access

The remote working trend in 2020 due to COVID 19 means that corporations have to open their IT systems to external and remote usage for a majority of employees, which obviously brings new risks in terms of fraud and hacking. As a matter of fact, today, most major corporations are reengineering the way they work with the impact of COVID 19 on office presence. In contrast to the past, when most VPN access was performed from a PC within a corporate office, today, most employees are working remotely from a home office; therefore security is becoming the very top priority for CIOs, especially for personnel to connect to critical data such as industry know-how, confidential customer data, as well as financial and HR portals

Home office is today’s new corporate office

The local home office is now becoming a part of the virtual corporate ecosystem with multiple entries with BYOD practice (Bring Your Own Device) using smartphones, tablets, PCs, Macs, and further risks of fraud and hackers’ intrusion.

Are industry data and customer information leaks a serious case when an employee is connecting to corporate files through the VPN?

YES, of course! And with a serious impact on the company productivity and competitiveness.

Attacks on mission and business critical applications in an exponential curve

Attacks are increasing exponentially in 2020, targeting all industries including large corporations and hospitals. Think of the value of a technical plan of an airplane, a satellite information map, a financial statement, or a patient’s medical file downloaded by competition or cybercriminals? What is the impact of losing competitive or confidential data for a corporation? This could simply lead to bankruptcy if your industrial production is stopped (automotive, aerospace for instance) or your customer files corrupted or stolen.

Today, the fact is that all mission and business critical information is stored on servers with digital access. There are very good VPN applications managing the access of an employee to corporate applications or data files remotely. However, such applications are not secured well enough for remote access and must be protected by a higher level of security, for instance by a multi-biometric authentication.

What technology and solution solves the security issues when using remote access through a VPN?

While data and applications are confidential for the outside, they have to be accessed by several employees working remotely to keep company operations running during a serious pandemic period such as the COVID 19.

And this is where the problem lies. Classic login/password to access sensitive data through the VPN are not secure enough. And this is where the United Biometrics authentication platform comes in. The solution is based on the use of a mobile terminal – smartphone, tablet – a PC/Mac and/or a smart card whose holder is authenticated by means of multi- biometric factors (behavioural and classic).

Biometric authentication is a very powerful tool for security and privacy challenges. For instance, keyboard dynamics on a PC or a Mac (behavioural technologies) is an advanced technology capable of identifying or authenticating a person by the way letters are punched on the keyboard.

This is a very convenient method to secure employees’ remote access through VPNs. And facial recognition on both the PC/Mac and mobile devices is a very powerful authentication tool to prevent hackers from accessing your critical data and riding the VPN.

UNITED BIOMETRICS offers corporations the BANK KYC module to enroll all their teams securely. As all Biometrics are revocable and anonymous, this is an adapted solution to enroll all employees safely. The authentication platform is deployed on SaaS or on premises.

The Cyber Startup Observatory spoke to Christopher Richard and Yves Chemla from United Biometrics who both said: “the ergonomic design and simplicity of remote authentication access through VPN, with a very strong level of privacy and protection for the remote user and ultimately corporate collaboration. It is a very user- friendly way to secure remote access from a PC, a Mac, a smartphone or a tablet while keeping enterprise collaboration extremely safe”.

Christopher RICHARD and Yves CHEMLA are Co-Founders of UNITED BIOMETRICS. United Biometrics is an ATOS, AIRBUS, IBM Certified Partner architecting and developing a strong multi-factor authentication platform solution for Governments & Defence, Corporations, Banks, Healthcare, Carriers and Internet Players losing money or service capacity caused by large cyber- attacks and intrusions. The platform can hold millions of users and support massive traffic in real-time.

Source : https://cyberstartupobservatory.com/how-to-secure-a-corporate-vpn-with-biometric-access-manager/


ASK FOR ARTICLE





Start typing and press Enter to search