Smartphones, laptops, and a changing work environment that recognizes the value of flexible hours and telecommuting make it possible for many business professionals to work from home or while on the road traveling. For some, simply having access to email is enough to work productively. However, others may need to access files and resources on your office network. The best way to ensure appropriate access and security is to connect a VPN to your office network.
What is a VPN?
VPN stands for “virtual private network.” With a VPN connection, which securely connects your remote device to your office network, you can access your office network just as if you were in the building. Because the connection is encrypted, you do not need to worry about others snooping around your connection as you would with a public Wi-Fi connection. Think of the connection between your remote computer and your network as being a private pipeline.
Requirements for Setting Up an Office VPN
While there are dozens of VPN connection service providers out there, you will need a suitable VPN-enabled router installed in your office before you can create a virtual private network and connect to it.
VPN-enabled routers must have both wired and wireless connectivity, support up to 10 connections, and have built-in VPN features.
Setting Up Your VPN-Enabled Router
Your VPN-enabled router will likely include software, instructions, and a setup wizard so that you can quickly set it up. We recommend running the wizard and following the steps as prompted. Set up wizards cover every step from powering on your device and plugging in cables to configuring individual settings.
Securing Your VPN-Enabled Router
Next, you’ll want to make sure that your VPN-enabled router is as secure as possible. The two most important areas are:
• Encryption — Choose the most secure encryption offer your router supports. Most likely, this will be WPA2 with AES.
• Password protection — Next, change the router’s password. While the router comes with an easy-to-remember default password, such as “password,” these default passwords are well known and easy to guess. It doesn’t do much good to connect a secure connection only to leave the password wide open for anyone to guess. The best passwords use a combination of upper and lowercase letters, numbers, and symbols. This doesn’t mean they have to be notoriously difficult to remember. For example, can you remember a phrase as simple as “22 red shoes”? If so, the following password would have a nice mix of numbers, upper and lowercase letters, and a symbol thrown in for good measure: 22RedSh0e$. The longer you can make your passwords, the more difficult they become to crack.
Setting Up Users
Not everyone in your office will need VPN access, nor should they be granted it. Thus, you’ll want to set up your VPN users and permissions carefully. You’ll do this from within the router’s software.
• Start by enabling the VPN if you haven’t already done so during setup.
• Enable remote management.
• Create your first user account.
• Download and install the VPN client software on the first user’s computer.
• Configure the VPN client software.
• Connect the network on the user’s computer. In Windows, go to Control Panel, Network and Sharing, Create a New Connection, VPN. For a Mac, you’ll go to System Preferences, Network, +, VPN. At this point, you’ll be prompted to enter your office’s IP address. If your ISP has given you a static IP address, go ahead and enter it and test the connection. You should be good to go! If you have a dynamic IP address, here’s where it gets tricky.
Troubleshooting Connections — Dynamic vs. Static IP Addresses
Static IP addresses are just that, static. They never change, so pointing your VPN to the static IP address is a set-it-and-forget-it task. Dynamic IP addresses change. Thus, your connection will break periodically, causing needless concern and an extra step in determining and entering your new IP address.
If your ISP provides dynamic IP addresses, you have a few options:
• Live with it and adjust your VPN settings accordingly.
• Pay your ISP for a static IP address.
• Order a domain name and dynamic Domain Name Server (DNS) that points to your office. The dynamic DNS detects your IP address changes and then updates itself so that it provides the correct IP address to your VPN connection. There may be a delay, however.
Once connected, your authorized users can connect to the VPN — and your entire office network — remotely. Imagine going on a business trip and being able to remotely and securely access your network.
Finally, make sure to update your human resources procedures to ensure that whenever an employee leaves your company, VPN access is promptly revoked.
Need help addressing access and security for your office network? In New Jersey, Quikteks can help. Contact us to schedule a free network security assessment.