Is your VPN safe? On Monday, January 29th, Cisco announced a major security warning for many of their ASA and Firepower security appliances. A vulnerability was found in Cisco’s WebVPN service that could allow attackers to exploit the device’s memory with XML messages, allowing the execution of malicious commands within the device. Fortunately for Cisco customers, a patch has been released, but these security announcements are a constant reminder that new security threats are always on the horizon. When accessing the security solutions, vetting your technology options has never been more important.
Make Sure Your VPN is Safe
In Google Cloud Platform, standard security features such as a security-focused Linux OS and hypervisor, delegated access between hardware and software components, and data encryption keep your data secure. You can rest assured that the backend components responsible your data are in good hands, it is at the access level where many security issues arise. For many users, VPNs are a great way to securely connect remote offices or users to a corporate data center. Where it becomes an issue is when these devices become compromised and now have access over a trusted connection directly into a corporate network.
Looking Into the Future with Google
Google began an initiative to address VPN security concerns with its BeyondCorp project. Their mission is to enable employees to access the tools they need to work from untrusted network without the use of a VPN. By controlling policies through an Identity-Aware Proxy, Google employees (and now Google customers) can leverage authorized and encrypted access to the tools they need, from anywhere in the world.
Whether you are still assessing migration to the cloud, or are already utilizing its services today, security is a shared responsibility and it is of utmost importance to ensure that your data is never in the wrong hands. Connect with SADA experts to learn more about Google Cloud and BeyondCorp.