Implement two-factor authentication for VPN to not have to be deeply sorry or to not have to decide to pay a ransom.
We are always encouraged to learn from somebody’s mistakes, although we know how difficult it is and how to convince ourselves of the reality of the threat when it did not happen to us. Last year’s attack on Colonial Pipeline is an example, where single-factor authentication to log in via VPN become a vulnerability used by hackers. The attack resulted in the encryption of the data with ransomware. Although the company took quick steps to recover the data, paying a ransom of approximately $5 million, it did not save it from further unpleasant consequences. The downtime of the company resulted in delays in fuel deliveries, which led to a spike in gasoline prices, and further financial losses. As the investigation showed, the password used leaked from the darknet. The CEO of Colonial Pipeline assured that the system was protected with a complex password. "It wasn't just Colonial123," he said.
Nowadays, employees often work remotely by connecting to Wi-Fi networks provided by cafes, restaurants or shopping centers. Using such networks can be risky as we are never sure who manages them and how they are protected. Therefore, the use of the second factor every time you log in via VPN seems to be an absolute minimum.
NACVIEW has integration with popular VPN solutions, including Palo Alto, Pulse Secure, FortiGate, Cisco, and Sophos. During authentication, the user is verified twice, first entering his permissions for the VPN connection, and then with a one-time generated token, e.g. from the NACVIEW Authenticator application. By using the NACVIEW system, you get the functionality of two-factor authentication at no extra cost for an unlimited number of devices!
Check how it works and download the free NACVIEW NV-100 version: https://nacview.com/en/nacview-free-licence