VPN with Dual Factor Authentication
VPN [Virtual private network] security allows businesses to create secure links between locations extending their private network over the public Internet, by using SSL [secure socket layer] technology.
This creates an encrypted point-to-point connection across the WAN, however to the customer it appears as a private network, hence the acronym ‘VPN’.
Many network hardware providers’ products include VPN integration, such as Juniper, Cisco, F5, Fortinet to name but a few – There are also Open Source solutions available, such as ‘OpenVPN’, or ‘StrongSWAN’ for an IPsec based solution (Some devices/operating systems rely on IPsec).
Authentication
VPN tunnel endpoints require authentication before they can be established. Users requiring remote access via a VPN can authenticate in one, or more, of the following ways:
- Password Authentication
- Biometrics
- Digital Certificates
Many businesses are starting to require stricter access policies, for tighter and more regulated security. One of the methods of achieving this when remotely accessing a system from outside the network, is ‘VPN dual factor authentication’.
So, What Is Dual Factor Authentication?
Dual factor authentication solves the issue and strengthens authentication security by requiring a second ‘factor’ for authentication after the username/password stage. The password is something the user knows, the second factor is something the user possesses. This thwarts attackers who may have compromised the username and password credentials.
A traditional method of dual factor authentication involves the user being in possession of a key fob which generates one-time passcodes / passphrases, however the initial cost of purchasing these is high. This is also an extra small piece of hardware that needs to be tracked, maintained and can be easily misplaced.
zanaNET use ‘Duo Security’ services to enable the customer to use their mobile phone as the second factor for authentication. This works well as it’s a device that people have on them most of the time, and generally notice when it’s missing!
Why Use Dual Factor Authentication?
Many businesses protect their organisation only with a simple username and password combination. Entering these pieces of information potentially gives access to the company’s entire network. Users often set weak passwords which are easy to crack with ‘brute force attacks’, social engineering and other methods.
By ensuring that users can only access your business network with a secure username and password, and a piece of information generated in real-time accessible only by them, you can be guaranteed a far greater level of security.
A third factor can even be introduced by requiring that the user signs on with a digital certificate also!
Authentication access can be granted by:
Text message access codes
Phone call authentication
Push notification acceptance
Why Choose Us?
- PCI Compliant
- High grade encryption
- Fully managed
- Unlimited user capability
- Fixed VPN IP address
- NO setup fees!
- FREE zanaNET support
- Supports ALL smartphones and land lines
Get in touch and let our expertise open up new opportunities for you and your customers – No project is too big or too small, just give the team a call for a free quote.