COVID-19: Security, VPN’s and Remote Desktop

How do we keep our company running while working from home and under lockdown?

The main tools we’ve implemented for clients are VPN’s and Remote Desktop applications. A VPN (Virtual Private Network) will essentially transfer your network connection into the office allowing you to access onsite file servers and any other onsite resources needed for day to day operations. Remote Desktop tools allow you to remotely access your in-office desktop making it easy to navigate and perform tasks exactly as you would in office. This also means higher spec systems can still be utilised for intense use such as rendering, editing and any other program requiring significant resources.

What else do we need to be looking out for when home working?

With all the panic setting in we’ve noticed many companies having less than ideal solutions for home workers. This may leave you completely open to attacks from malicious users. Some types of VPN’s are more secure than others and some remote desktop solutions are also weaker than others.

This means while you and your staff can easily get into the office virtually, others most likely can too.  

Midnight Black Samsung Galaxy S9

What do we do?

First, if you’re using PTPP VPN. Stop. As this expert put it, “At this point nobody who cares in the least about the communications they intend to protect should be using [PPTP].” This is because PTPP itself dates back to Windows 95; the encryption can be brute forced in a matter of hours. Consider L2TP/IPSec, OpenVPN or SSL VPN protocols. These are just as easy to configure and provide much better encryption methods.

Regarding remote desktop solutions, consider one of the popular applications such as TeamViewer and Chrome remote desktop. These both offer 2FA via the account associated with it. Don’t start opening RDP up to the external network without first whitelisting IP addresses and locking it down thoroughly. An easier way to do this, if you insist on using RDP, is utilising the VPN connection first then users can RDP internally.

If you’re unsure about anything in this article and wish to learn more about securing your remote working infrastructure, get in touch. We’re always on hand to help and wish you all the best in these uncertain times.

Stay in, stay safe, have a productive week guys!