With remote work becoming more common in companies, it’s crucial that an MFA solution is implemented fully across the company’s system. Most companies use VPNs to make sure their employees’ network connections are secure, but what about protecting the VPN itself?
LoginTC’s MFA solution works with any type of VPN, including Cisco. The Cisco VPN does its job when it comes to protecting your corporate network, but is still vulnerable to attacks, just like any other VPN when MFA is not implemented. So exactly what role does MFA play in protecting a VPN like Cisco?
Well, there are four main ways that you’re improving protection when adding MFA to your Cisco VPN. By adding Cisco AnyConnect multi factor authentication, you can guarantee that an MFA solution like LoginTC, protects your network and users from many types of attacks such as:
- Brute-forcing weak passwords: A brute force attack is a hacking method that uses trial and error to crack passwords, login credentials, and encryption keys. Adding MFA to your Cisco VPN ensures an attacker won’t be able to log in to your corporate VPN network even if one of your users uses a weak (and easily-guessable) password.
- Credential stuffing attacks: Credential stuffing is a cyber attack in which credentials obtained from a data breach on one service are used to attempt to log in to another unrelated service. With MFA installed, an attacker won’t be able to log in to your corporate VPN network if your users use the same passwords on multiple websites that get compromised; this protects your VPN network from credential stuffing attacks.
- Man-in-the-middle (MITM) attacks: A man in the middle attack (MitM) is a type of cyber attack wherein an attacker intercepts the communications or data transmissions between two parties (such as a web server and user’s browser) in transit. Even if an attacker is able to snoop on the user’s traffic and is able to capture the user’s username and password as they are logging in, they won’t be able to log in using that username and password because they are not in possession of the MFA tokens (LoginTC Push authentication makes this even more secure as it uses out-of-band authentication).
- Malware: Malware is a type of software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system. Similarly, malware that’s running on the user’s device and captures keystrokes will be able to capture the user’s username and password but this will not be enough to authenticate as the attacker in control of the malware will not have access to the MFA tokens.
While these attacks may not have happened to your company yet, it’s still in your best interest to add MFA to your existing VPN in preparation. Cyber attacks are more common and more likely to occur in companies that have no MFA in place and rely solely on usernames and passwords.
Don’t outsource your security to your end-user’s password choices. Take control of your security with MFA.
