​Over the past several decades as a security professional, I’ve witnessed countless security architectures, and been privy to decisions for policies and implementations. Perhaps the most reckless recurring security practice I’ve continually observed over the years is the installation of an organization’s VPN (virtual private network) software on an employee’s home computer for remote access. Simply put, BYOD and VPN should never mix or co-exist. Today, with the largescale move to go remote to support social distancing and help mitigate the Coronavirus health threat, the flaws of this practice are being hastily multiplied exponentially, and the damage will be reflected in widespread malware infections, corrupted systems, breached data, and organizations that get outright “owned”.

By admin