What´s Inside? 04
#1 VPNs Slow Down The Computer Or Device
06
#2 SSL VPNs Support Web And Browser Applications Only 07
#3 VPNs Only Allow Access To The Organization’s Data 08
#4 VPNs Are No Different Than Other Portals 09
#5 VPN Connections Fail Often And Require Repeat Log-Ins 10
#6 Cloud Computing Is Also Making VPN technology obsolete 11
#7 VPNs aren’t a helpful part of a mobile Workplace Strategy 12
#9 VPNs Expose Corporate Assets To Malware On Unmanaged PCs 15
#10 Keystroke Loggers Can Compromise VPN Authentication 16
#11 VPNs Leak Corporate Date Onto Home And Public PCs 17 #12 VPN Management Policies Are Difficult To Administer 18
About HOB 21
Contact 22
Legal Notice 23
What`s Inside?
The upcoming “always-on” mentality in people´s private lives translates into their business lives, as well. Thus, employees
start demanding not only flexible work -places but also anywhere, anytime ac-cess to corporate resources so that they
can work whenever, wherever and howe -ver they want. Ne-vertheless, one should
not think that only employees benefit from
this trend, companies do so, as well – just consider higher employee motivation
and satisfaction or enhanced productivity levels of employees working mobile. The
simplest solution to this trend: use remote access technology in your company – to securely connect employees, customers or even partners with your company´s site.
Contrary, IT administrators have heard
about or also faced several problems with VPNs in former times. So it is not
astonishing that they eye VPNs critically. However, it is time to clean up with myths
about remote access technology as to fully
understand the value they propose to
com-panies. Of course, people do not want
their remote access solution to cause problems with their device, whether it’s a laptop, tablet or smartphone owned by the organization or the employee. Moreo-ver, data security is not a question, i.e., it must be ensured that remote access
se-curely connects the user to the network.
But: VPN technology has been around a long time and it continues to improve
and offers people a highly-reliable, fast
and consistent approach to gain secure access to data and applications stored in
VPNs are ideal for many types of mobile
employees. “Mobile” doesn’t necessarily mean team members spread across the
country or world. A mobile worker also in
-cludes people sit in conference rooms all
day, have meetings at customer sites or
work from home or while travelling. Ba
-sically mobile workers are all those who are rarely in their office or workspace. And, for employees who utilize their own devices, VPNs add a level of security, too.
Over the years, many myths about VPN
technology for remote access have come up. Some of these have never been true
and others are not any longer true due to enhancements in technology. Below are several myths about VPN technology that are worthwhile dispelling.
#1 VPNs Slow Down The Computer Or Device
VPNs, especially early versions of VPN software, gained a reputation for slowing down computer performance.
Since then, many things have changed: faster protocols have been developed,
new and better possibilities to compress
data exist, and Internet connections have become tremendously fast. Additionally,
modern remote access solutions on an
SSL basis do not require downloading any software onto the device, and therefore, it can not impact the device’s performance. The device does not need to be “known” on the company network. Today’s VPN
technology checks every device before
granting access to company resources.
The parameters in which the VPN checks in these devices are configurable by the
IT team.
In today’s computing environment, where
users often have multiple large files open at once, there is no room for any capabi
#2 What Should I Expect From A VPN Provider?
Early VPNs were limited in the user activi-ties they supported.
Today’s high-quality VPNs offer a choice of access methods from clientless brow
-ser interfaces to thin-client SSL tunneling. Early SSL VPNs began as HTTP proxies,
allowing employees access to web ap-plications through a VPN gateway using an ordinary browser. Today, VPNs also
offer browser-launched thin clients that
can support just about any application by tunneling non-web protocols over
SSL. VPNs also enable users to access not only Windows Terminal Servers and
applications residing there but also
further resources like, e.g. desktop PCs, be they virtualized or not, file servers or the company´s intranet. Users today ex
-pect access to their information anytime,
anywhere, whether they are stored in the
company´s network or in a public or priva
-te cloud. Today’s VPNs offer that flexibility and with the identification, authentication
and authorization services included they
ensure appropriate access only for those
come confused and use the employee’s
home or mobile number as there primary contact point.
VPNs provide a variety of different servi
-ces that help users keep ac-cess to all cri
-tical information, not just documents and other forms of data.
#3 VPNs Only Allow Access To The Organization’s Data
Many users only consider VPNs useful to access an organization’s network to up-load/download data.
Modern VPN technology includes remote VoIP capabilities that enable employees to use the same telephone number as
they do at work. This makes their location even more “seamless” to fellow emplo -yees, customers, vendors and others. VoIP capabilities are particularly important when phoning customers as they can
be-#4 VPNs Are No Different Than Other Portals
There has been a misconception that ba-sically stated, “All portals are alike.” This is definitely not the case.
VPNs can provide highly-personalized
portal views that are a function of each
user’s individual access rights. Today’s VPNs provide dynamic access portals.
Network managers can define server ac -cess with application publishing in a way that the user only sees his personal, cus-tomized portal.
While users want anytime, anywhere
ac-cess to information, it is up to the network
manager to ensure that each user only
has access to the information and servi -ces that senior managers have
determi-ned are relevant for each user. Additio -nally, users are not overwhelmed by too
many options that are not made for them. Thus, it is easier for users to cope with the VPN solution, particularly if they are not IT experts.
#5 VPN Connections Fail Often And Require Repeat Log-ins
VPNs had gained a reputation of failing, requiring the user to log in repeatedly.
VPNs provide high availability and single sign-on techniques ensuring users are continuously connected. Today’s VPNs
resume automatically after loss of con
-nectivity, quickly and without user inter
-vention. Some facilitate network roaming;
e.g., an employee’s authenticated state
may be kept during a brief loss of con -nectivity or reinstated transparently via
single sign-on. Moreover, with today´s solu-tions it is ensured that data are not lost in case the connection is interrupted.
VPNs are so reliable today, that network managers often rely on them for allowing
users to connect their personal devices
to the network, even when the user is in the office.
#6 Cloud Computing Is Also Making VPN Technology Obsolete
There is a misconception that cloud com-puting has eclipsed VPNs as a valuable technology.
There is no doubt that cloud computing
has given employees a new level of free -dom to store and retrieve important con-tent. However, there are countless stories
of cloud sites suffering from cyber attacks due to lack of security protocols. IT teams
will never allow critical data to be stored in a cloud environment that does not in-clude robust security measures, which should always include VPNs. In addition, cloud service providers are best served
with a high performing VPN solution to
enable all their customers to access data stored in their cloud.
Cloud computing has, in fact, enlivened the need for robust VPN technology. The
cloud phenomenon has trained users to
expect anytime, anywhere access to their information. VPNs are a critical compo
#7 VPNs Aren’t A Helpful Part Of A Mobile Workplace Strategy
Some belief that in today’s mobile work environment, where people want to access all information on a variety of devices, VPNs do not have an important role to play.
Quite the opposite, VPN technology is a
critical part of a mobile workplace strat -egy. VPNs enable the employee to gain access to corporate resources with the
same speed and controls as in-office
teams can. Even when an employee is
in the office, IT teams can also configu
-re access to the network only through
the VPN. This might be a reasonable
ap-proach if employees use their own de
-vice on company site, too. If this is the case, the access via VPN on site makes
sure that no virus or other malware gets
into the company network from the pri -vately held device. Additionally, modern
establishing a second Internet connec-tion while being connected to the
com-pany network (anti-split tunneling). This is a further security measure to protect the company network against malware.
The flip side of offering anytime, anywhere information and services access is the need for network managers to provide
robust security.This obstacle can be
overcome by the use of a highly functional
VPN solution with many security
#8 Once An Employee Has Remote Access, He Or She Can Access Com-pany Resources Forever
Network managers still fear that a freelan-cer or employee leaving the company will take log in credentials with them.
When someone leaves the company, the
IT team can quickly delete that person from the authorization list and remote access (or any kind of access for that matter) will no longer be possible.
Because people change jobs frequent -ly and many companies employ large
numbers of freelancers, it is essential that network managers can prevent their
access to company information as soon
as they quit the company. Additionally,
this should be an easy task for the IT ad -min which comes true with modern VPNs
that allow for central administration and configuration. Just some clicks – and the
user has been deleted.
And even while employees are working for the company, IT administrators can granularly define roles and rights for each
and every single user – up to the
possibi-lity to completely prohibit access from an external site under particular circumstan
-ces, e.g., if the employee wants to ac
-cess data from a public Internet café. This
ensures that each user can only see and access the data he or she is intended to.
Thanks to multi-tenancy data of different branches, site offices or user groups can
#9 VPNs Expose Corporate Assets To Malware On Unmanaged PCs
Because PCs can be exposed to malware through Internet access, by infected USB drives and through out means, there has been a belief that an infected PC can in-fect a network through VPN connections.
Today’s smart VPNs can measure endpoint robustness and compliance, and then determine whether and how to grant access to authorized content. VPN sessions can be used as a solution to
evaluate each endpoint’s integrity before
authenticating the user or authorizing
access. For example, VPNs can query
endpoints version/patches and antivirus presence/signatures. Frequently, VPNs
can analyze managed endpoints for
compliance with corporate security
policies. The quality of network security is only as strong as the weakest area.
High-quality VPNs include necessary
functionality to protect critical data
assets. Additionally, modern VPNs do not store any data on the accessing device.
Thus, data are securely kept within the company network even if the device is
Spyware has also grown more common. Keystroke logger Trojans are a particular
threat since they can capture reusable
text passwords before endpoint security checks are complete. High-quality VPNs today can mitigate these concerns; some
#10 Keystroke loggers can compromise VPN authentication
VPNs had an early reputation as being a weak point in a network’s security infrastructure, especially in protecting against keystroke loggers.
VPNs actually prevent this threat with strong authentication, in combination
with external authentication servers or
built-in strong authentication services.
Cybercriminals are increasingly focusing on personal identity theft for financial gain.
display “virtual keyboards” that avoid text passwords, others can be paired with enterprise two-factor authentication servers. Far from being a weak point, particularly against keystroke loggers, VPNs are actually a network strong point.
#11 VPNs Leak Corporate Date Onto Home And Public PCs
Some believe that offering VPN access to a network allows users to download as much network information as they want.
VPNs can prevent this by limiting what
each user can do, keeping data safe
during a log in session and then deleting it
at log off. So, the VPN solution deletes all cached files with log-of and, additionally,
the user might never be allowed to locally store data on the accessing device. VPNs
reduce risk by enforcing granular access controls. These policies may, for example, deny thin-client SSL or IP tunnels from
endpoints that are not fully trustworthy and provide read-only access to files.
Secure VPN authentication ensures users can only upload/download information
they are authorized to send/receive. They have precisely the same access to
information as they have when they are in the office.
#12 VPN Management Policies Are Difficult To Administer
It is believed by some that VPNs are complicated to manage, leaving open the possibility that users can gain access to information for which they are not authorized.
VPNs can use central policy managers and integrate with enterprise authentication
servers and directories to simplify
administration. It is always possible that policies will become unwieldy, given multiple access methods, endpoint
security checkers and other policies. It is up to the network administrator to use
his/her authority wisely to achieve desired
security without rendering the VPN difficult
to manage.
Today’s VPNs are quite simple to manage
and give network managers a wide range of options that ensure users gain only access to appropriate information.
With the growing threat from worms, viruses, hacking, spyware, data theft and
application abuse, remote access VPN connectivity must also include proper
endpoint and network security technology.
Unprotected and/or incomplete VPN security can create several issues:
It allows employees to introduce
malware into the network during
remote sessions
Allows for unwanted application traffi c, such as peer-to-peer fi le sharing, into the main offi ce network, slowing network traffi c
Leaves open the possibility of information theft of data such as customer fi les and IP
Enables intruders to hack remote-access sessions, giving hackers access to the network.
It allows employees to introduce
Allows for unwanted application
Leaves open the possibility of
remote-To avoid a network breach, the employee’s
device and the VPN gateway to which the employee connects must be secured
properly as part of the VPN deployment.
Employee devices should have endpoint security, such as data security,
anti-spyware, antivirus and a personal firewall. The fact that the worldwide VPN technology
market continues to grow at double-digit rates indicates that this form of remote
access technology continues to thrive.
The high-security, flexibility to meet the needs of different network environments, and ease to use for IT teams and employees alike allows VPN to thrive.
About HOB
HOB GmbH & Co. KG is a mid-sized
German software enterprise that deve
-lops and markets innovative and multiply
awarded remote access solutions
world-wide. The core competencies of this successful company, founded in 1964,
comprise server-based computing, se-cure remote access, VoIP and virtualizati-on. HOB products are deployed in small,
mid-sized and large enterprises.
In the HOB headquarters in Cadolz-burg and in locations throughout the
world, HOB has approximately 120 employees, half of which in the de -velopment departments. HOB has
branch offices in Malta, the USA and a partner company in Mexico.
Interested?
Would you like to check out the numerous benefits of HOB Software?
Just call us or send us a quick mail!
You are welcome to contact us:
Inside US
HOB Inc.
Headquarters NY
245 Saw Mill River Road Suite # 106
Hawthrone, NY 10532
Tel: (866) 914 - 9970 (toll free) (646) 465 - 7650
E-Mail: marketing@hobsoft.com Website: www.hobsoft.com
Outside US
HOB GmbH & Co. KG
Schwadermuehlstraße 3 90556 Cadolzburg Germany Tel: +49 9103 715 0 E-Mail: marketing@hob.de Website: www.hob.de
Legal Notice
HOB GmbH & CO. KG. KG
Schwadermuehlstr. 3
90556 Cadolzburg
Represented by: Klaus Brandstätter, Zoran Adamovic
Contact:
Phone: 0049-91037150
Fax: 0049-9103715271 E-mail: marketing@hob.de Register of Companies:
Entered in the Registry of Companies, Registry Court: Amtsgericht Fürth, Registration Number: HRA 5180 Tax ID: Sales Tax Identification Number according to Section 27a Sales Tax Act: DE 132 747 002
Responsible for content according to Section 55 Paragraph 2 Interstate Broadcasting Agreement: Klaus Brandstätter, Zoran Adamovic, Schwadermuehlstr. 3, 90556 Cadolzburg
References for all images and graphics used: See Picture Sources
Disclaimer: Liability for content
The contents of this publication were created with great care and diligence. While we keep it as up-to-date as practicable, we cannot take any responsibility for the accuracy and completeness of the contents of this publication. As a service provider we are responsible for our own content in this publication under the general laws according to Section 7 paragraph 1 of the TMG. According to Chapters 8 to 10 of the TMG we are not obliged as a service provider to monitor transmitted or stored information not created by us, or to investigate circumstances that indicate illegal activity. Obligations to remove or block the use of information under the general laws remain unaffected. Liability is only possible however from the date of a specific infringement being made known to us. Upon notification of such
violations, the content will be removed immediately.
Liability for links
This publication may contain links to external websites over which we have no control. Therefore we can not accept any responsibility for their content. The res
-pective provider or operator of the website pages to which there are links is always responsible for the content of the linked pages. The linked sites were checked at the time of linking for possible violations of the law. At the time the link was created in this publication, no illegal or harmful contents had been identified. A con
-tinuous and on-going examination of the linked pages is unreasonable without concrete evidence of a violation. Upon notification of any violations, such links will
be removed immediately. Copyright
The contents and works on these pages created by the author are subject to German copyright law. Reproducing, copying, modifying, adapting, distributing or any kind of exploiting of this material outside the realms of copyright require the prior written consent of the respective author or creator. The downloading of, and making copies of, these materials is only permitted for private, non-commercial use. Where contents of this publication have not been created by the author, the copyright of the third parties responsible for these contents shall be upheld. In particular any contents created by a third party are marked as such. If you become aware of any copyright infringement within this publication, we kindly ask to be provided with this information. Upon notification of any such violation, the concerned
S.1 - Philip Date (Thinkstock) S.4 - Fotolia
S.5 - Roberto Rizzo (Thinkstock) S.7 - Roz Woodward (Thinkstock) S.8 - Brand X Pictures (Thinkstock) S.10 - Jupiterimages (Thinkstock) S.11 - Zeffss1 (Thinkstock)
S.13 - Elena Schweitzer (Thinkstock) S.15 - Thinkstock
S.16 - Spectral-Design (Thinkstock) S.17 - RTimages (Thinkstock) S.19 - almagami (Thinkstock) S.20 - Andrea Danti (Thinkstock) S.21 - Thinkstock
S.22 - Creatas (Thinkstock) S.24 - Spectral-Design S.25/26 - Fotolia