Multi-factor Authentication + VPN = Secure and Private

The world of mobile technology has pushed organizations to diversify workflows, but as we diversify, so do the attacks. Before the proliferation of mobile devices, user credentials were protected by the corporate firewall. But times have changed.

There were 1.3 million malicious mobile installations blocked in 2017 by Kaspersky Lab. Endpoint security has become paramount in an age where identity is the new perimeter. In order to secure that perimeter, many organizations are looking to marry their current network infrastructures with new security solutions. This is where two security solutions can work together as one.

VPN – endpoint security for organizations

Virtual private network (VPN) technology isn’t new — it’s been around for more than 15 years. But as times have changed, VPNs have too. Most VPN providers have embraced new ways of working by offering mobile endpoint security solutions, and a good VPN offers much more than just security-enhancing encryption.

Corporate VPNs, for example, can greatly reduce the risk of security breaches and cyber attacks. In addition, corporate VPNs offer scalability and savings when compared to non-VPN, remote-access services. The centralized resources they offer IT provides the controls they need to manage and secure their domain.

The risks of a VPN

VPNs offer excellent security, but they do come with their share of risks. Most VPNs require a traditional username and password combination, which can easily be guessed or stolen. Compromised VPN credentials are a far greater prize to attackers than a single application as they are often configured to give much greater access to tools and information. In the instance that VPN credentials fall into the wrong hands, malicious actors are essentially provided with the keys to your corporate network.

Secure your VPN with Multi-factor Authentication

According to Verizon’s 2017 Data Breach Investigations Report, 81% of data breaches involve weak or stolen credentials. VPNs should be secured like any other application that relies on a username and password combination — with multi-factor authentication (MFA). A VPN without MFA is a house without a gate — with the right key, attackers can simply let themselves in. By implementing MFA with a VPN, organizations create a second layer of defence. 

Risks, however, are not always static. Nowhere is this more evident than when managing a remote workforce, where neither the location nor the device used by each employee are consistent. An adaptive MFA solution mitigates this by dynamically adapting security and authentication policies based on the user, device, or location, prompting a user for an additional factor (such as verifying a push notification or an email OTP).

VPNs ensure company tools and information remain secure and private, but if VPN log-in credentials are the keys to the kingdom, then another layer of security is crucial to ensure they don’t fall into the wrong hands. Okta’s adaptive MFA solution offers security without sacrificing the flexibility today’s workforce demands.