Security concerns arise for home workers allowed to VPN into company networks, Cisco 800 Series was the perfect fit.

Security concerns arise for home workers allowed to VPN into company networks

I was recently brought in by a company who had a security breach due to a home user who was allowed to create a VPN tunnel back to the home office. This was done by creating an end point to end point connection from the users home wlan router which has a vpn option on it to the home office vpn router. Normally this would not be an issue but the user set up different ssid's  for home and work, the only ssid that had any type of WEP on it was the one used for the company laptop. The other ssid's created for home users and children did not have a WEP settings created.

The home user thought that since the laptop was secure to the wlan router and it was one a secure connection back to the home office over a vpn all was good. But they did not think that other users could gain access to the company network off other ssid's. The problem was fixed for this company by myself and offering a new security plan and hardware recommendation. We recommended that the company invest in the Cisco 800 series router for remote users with wlan options. These router can be set up by the IT staff and sent out so that the user at home cannot make changes but will still have wlan services at home for the company laptop.

I know that most companies will just do a vpn from the laptop and be done with it, but we were working with what the company already had as an IT policy and they wanted to keep it some what the same. This brings up a good question, should companies outlaw this practice that caused the problem to insure a secure security policy?

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Take IDG’s 2020 IT Salary Survey: You’ll provide important data and have a chance to win $500.