McDonalds and similar (fastfood) restaurants provide everything you need for a Disaster Recovery office location. Furniture, food, drinks, HVAR, sanitation, cell phone coverage, parking space and, very important, free WiFi! So, for the immediate recovery of a disaster you and you colleagues can settle in the nearest fastfood restaurant and continue your work. However, the used WiFi connection can be "open" and unsecured!
Assuming that your IT infrastructure is still available, you can use McDonalds' WiFi and your existing VPN solution to connect to corporate applications and data. Maybe many of your colleagues are not using VPN (often) and they might be struggling to set up a VPN connection. Or your company might have a policy that you always have a VPN session to the datacenter and use an "Always Tunnel" configuration.
In these cases you can configure an "always on VPN" network configuration with DirectAccess (Windows) or OpenVPN (Open Source) or with another VPN solution. But how do you prevent that VPN credentials are stolen from PCs that are all or not connected to the corporate network? Answer: use a Trusted Platform Module (TPM) to store and protect the VPN credential. You can create a VPN Digital Certificate and use the TPM to create and protect that credential with free or licensed TPM middleware.
This "always on VPN" configuration is fully transparent to user, gives the company full control over the data streams from/to corporate client PCs even when they are out in the field, and it is impossible to copy or steal the VPN credential from the PC. Consider that using and managing the TPM can be fully automated ("Zero Touch") and with a very low investment you have the best security and Identity Management protection that is available on the market today (and tomorrow!).
For more information about TPMs and how to deploy them for ultra secure VPN and other Identity Management solutions: beaukey@gmail.com
No comments :
Post a Comment