Securing VPN with Multi-Factor Authentication


white paper

May 2019

info@xecurify.com
+1978 658 9387 (US)
+91 77966 99612 (India)

CONTENT


1. Introduction

2. Why one should care about VPN

3. Where are the vulnerabilities

  1. Some VPN providers embrace your data
  2. There’s malware detected in certain VPN mobile apps
  3. Cloud VPN is more vulnerable
  4. Credentials phishing

4. How Multi-factor authentication helps to secure your VPN

5. Conclusion


Introduction

A Virtual Private Network (VPN) lets you connect one or more computers to a private network, most of the time via the internet. Although this approach is not new, it has become more relevant in recent years, mainly because of new trends in the way companies work and because more people want a greater level of online privacy.


Why one should care about VPN?

A VPN allows you to connect to a private network securely and remotely. You can even link to different networks and servers in a secure way. It lets you surf safely on a public Wi-Fi network and also helps prevent Man-in-the-Middle attacks.


VPN tunneling ensures secure communication between systems. As the connection is encrypted, no one along the VPN tunnel can intercept, monitor, or alter your communications.


Where are the vulnerabilities?

It is said that no software is immune to vulnerabilities. Ordinarily, when you connect to a website from your computer, that website can see your IP address. When you use a VPN, your data is not sent directly to the website you are visiting; instead, it is first sent to one of the VPN servers. The website therefore does not see your IP address; it sees the IP address of the VPN server. This means no one sees your IP address, not your internet service provider, the government, or hackers, so you become untraceable. No one can trace back to you. In short, the whole idea of securing yourself and your organization on the web with a VPN is keeping your IP address hidden.

But it is bothersome to read news such as "Several privacy-busting bugs found in popular VPN services" or "Authentication Bypass Bug Hits Top Enterprise VPNs". Though this is not good news, such vulnerabilities surface all the time in the cyber world. What matters is how we identify and tackle them.


Some VPN providers embrace your data

It is important that a VPN provider maintains full transparency, because some VPN providers have been found to hold onto your data. Most VPN providers claim that they do not keep a log of your online sessions, your IP addresses, the servers used, the websites visited or the files downloaded, but the "no log" claim differs from one VPN provider to another.


There’s malware detected in certain VPN mobile apps

One study also found that some VPN mobile apps contain malware. The study was conducted by the Commonwealth Scientific and Industrial Research Organisation, which found that 38% of VPN Android apps were infected by some type of malware. Some mobile apps also requested access to sensitive personal data such as account details and messaging.


Cloud VPN is more vulnerable

Today cloud technologies have given organizations a huge amount of collaboration and convenience, but they have also brought security challenges. Companies that use Cloud VPN solutions expose themselves, and as a result any hacker can gain access to their private data.

Credentials phishing

Credentials phishing is a rapidly growing attack in the cyber world, in which a hacker steals credentials such as a user ID and password. The hacker presents himself as an authority and, by means of email or another communication channel, gets to know your credentials. Once a hacker has the credentials, he can use them to get sensitive information out.

How Multi-factor authentication helps secure your VPN?

Multi-factor authentication validates user identity with a password and an additional layer of authentication (e.g. OTP over SMS/Email). That is why it is called multi-factor authentication. It provides greater identity assurance for a user who is accessing any resource via VPN. With multi-factor authentication enabled on your system, a hacker is prevented from accessing the resources even if they know your username and password. Because there is an additional layer of authentication, the hacker has to pass that layer, which is not possible. However, we need to understand that not all MFA solutions are the same, nor do all of them provide greater assurance of security. Many MFA solutions are slow or complicated and therefore inefficient.


miniOrange can be of great value here by providing 2-factor Authentication on top of VPN Authentication. This secures the access to protected resources instead of relying on only the VPN username/password.


miniOrange uses the Remote Authentication Dial-In User Service (RADIUS) protocol. Communication between the client and the RADIUS server is authenticated using a shared secret, which is never sent over the network.

Workflow

Here the RADIUS client is simply the VPN. The steps below show how Two-Factor authentication is used with a VPN.


  1. The user enters the login credentials into the VPN.
  2. The RADIUS client sends the login details to the miniOrange RADIUS server.
  3. The user details are checked against Active Directory.
  4. When AD finds the user, it sends the response to the miniOrange RADIUS server. First-factor authentication is completed here.
  5. A challenge response is sent to the RADIUS client for second-factor authentication.
  6. The RADIUS client prompts the user with the 2FA challenge (e.g. OTP over SMS/Email).
  7. When the user completes the 2FA challenge, the authentication response is sent to the miniOrange RADIUS server.
  8. After checking the response, the RADIUS server grants access to the user.

This way miniOrange ensures that no unauthorized person gets access to the VPN. miniOrange acts as a RADIUS server that takes the username/password from the user and validates it against Active Directory (AD). After checking with AD, it prompts the user for Two-Factor authentication. If the user successfully completes the 2FA, the server grants access.
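The eight steps above, run as a RADIUS exchange in Python (an added example, not miniOrange's code), showing how the shared secret hides the password and signs every reply per RFC 2865 without being transmitted. The user table stands in for Active Directory, the OTP is a fixed constructed value, and `SECRET`, `server` and `login` are hypothetical names.

```python
import hashlib, hmac, os, struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT, ACCESS_CHALLENGE = 1, 2, 3, 11
USER_NAME, USER_PASSWORD, STATE = 1, 2, 24     # RFC 2865 attribute types
SECRET = b"constructed-shared-secret"          # set on VPN and server, never transmitted
USERS = {b"alice": b"correct horse"}           # constructed; stands in for Active Directory
OTP = b"492817"                                # constructed one-time code
sessions = {}                                  # State -> user awaiting the second factor

def hide(value, req_auth):  # User-Password hiding (<= 16 bytes); XOR, so it also unhides
    pad = hashlib.md5(SECRET + req_auth).digest()
    return bytes(a ^ b for a, b in zip(value.ljust(16, b"\0"), pad))

def packet(code, ident, auth, attrs):  # code, id, length + authenticator + type/len/value
    body = b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in attrs)
    return struct.pack("!BBH", code, ident, 20 + len(body)) + auth + body

def parse(pkt):
    attrs, i = {}, 20
    while i + 2 <= len(pkt) and pkt[i + 1] >= 2:
        attrs[pkt[i]] = pkt[i + 2:i + pkt[i + 1]]
        i += pkt[i + 1]
    return pkt[0], pkt[1], pkt[4:20], attrs

def sign(pkt, req_auth):  # Response Authenticator = MD5(header+RequestAuth+attrs+secret)
    return pkt[:4] + hashlib.md5(pkt[:4] + req_auth + pkt[20:] + SECRET).digest() + pkt[20:]

def server(request):
    _, ident, auth, attrs = parse(request)
    user, state = attrs.get(USER_NAME, b""), attrs.get(STATE)
    value = hide(attrs.get(USER_PASSWORD, b""), auth).rstrip(b"\0")
    if state is None and user in USERS and hmac.compare_digest(USERS[user], value):
        state = os.urandom(8)                  # steps 3-5: first factor ok, send challenge
        sessions[state] = user
        return sign(packet(ACCESS_CHALLENGE, ident, auth, [(STATE, state)]), auth)
    ok = state and sessions.pop(state, None) == user and hmac.compare_digest(OTP, value)
    return sign(packet(ACCESS_ACCEPT if ok else ACCESS_REJECT, ident, auth, []), auth)

def login(user, password, otp):  # steps 1-8 from the VPN (RADIUS client) side
    def ask(ident, value, extra):
        auth = os.urandom(16)
        attrs = [(USER_NAME, user), (USER_PASSWORD, hide(value, auth))] + extra
        rsp = server(packet(ACCESS_REQUEST, ident, auth, attrs))
        ok = hmac.compare_digest(rsp, sign(rsp, auth))   # signed with the shared secret?
        return (rsp[0] if ok else ACCESS_REJECT), parse(rsp)[3]
    code, got = ask(1, password, [])
    if code == ACCESS_CHALLENGE:
        code, got = ask(2, otp, [(STATE, got[STATE])])
    return code
```

Both checks rest on MD5, so deployments that need stronger integrity also require the Message-Authenticator attribute or carry RADIUS inside TLS or IPsec.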

Conclusion

These days organizations have become fully aware of the use of Multi-Factor Authentication for an extra layer of security along with VPN. Unauthorized access to your VPN is likely to cause more harm to the business. Multi-factor authentication plays a key role in securing your network, data & resources.


miniOrange has succeeded in dealing with Identity and Access Management problems, and we ensure you have safe and secure access to your resources. Our 2-FA authentication adds a second layer of authentication when you are gaining access to protected resources through a VPN.