Many companies are faced with the challenge of providing network access for their employees at all times and everywhere, while at the same time protecting valuable data within the company. Especially when it comes to making the workstation more flexible, IT must be involved and guarantee the security of the data. Because if an employee stays outside the company network for a project, or works in the home office, he or she must still be able to access company data so that the change to a digital and flexible company can also be completed. Here VPNs help to access the data from anywhere within the company. But for authentication with classic VPN connections, user name and password are usually still used here, which offers the lowest level of security in comparison, since employees like to “store” the complicated passwords on post-it under the keyboard. In addition, in practice passwords can be easily accessed via phishing or man-in-the-middle attacks, which can lead to company data leaks.
Fortunately, there are alternatives that promise more safety. The best option is certainly 2-factor authentication on a certificate basis in conjunction with a smart card. Here the user only has to enter a PIN when dialing into the VPN while his company identity remains securely stored on an encrypted second factor. But there is room for improvement in terms of the dynamic and mobile workplace, for example when the employee works on a mobile device like a tablet. Since wired smart card readers are impractical as peripherals and the simultaneous use of the smart card on different devices (multi-device capability) is severely limited – if not impossible – it is now necessary to find a solution that eliminates these weaknesses. And this is where mobile Bluetooth smart card readers such as AirID come into play, with which companies can extend their security to mobile devices using an existing smart card infrastructure. As usual, employees can log on to their Windows computer with Single Sign-On, sign and encrypt emails, sign documents or establish a secure VPN connection to the company network. And this on several devices and on end devices without a smart card slot, eliminating annoying wired peripherals.
For testing a VPN connection with a wireless 2FA solution there is now a corresponding test-use case in the AirID evaluation kit
Test the possibility of 2-factor authentication on a VPN and order the AirID Evaluation Kit for different use cases.
The comprehensive Secure Remote Access Suite HOB RD VPN enables secure access to company data über on the Internet. The Remote Desktop VPN offers all functionalities of a classic SSL VPN solution: clientless mode, tunnel mode and applet mode. HOB offers with the HOBLink VPN Gateway as well as the HOBLink Anywhere Client a VPN solution based on the IPsec protocol consisting of gateway and the corresponding client. With the HOBLink VPN Gateway also site-to site connections can be established beside client-to-site.
Read more about the joint solution in the joint solution brief.