Craig discusses problems that businesses can face when using VPNs and why you should be looking to a Zero-trust network if you are running a business today.
For more tech tips, news, and updates, visit – CraigPeterson.com
Automated Machine-Generated Transcript:
Craig Peterson: [00:00:00] So we know a little bit about VPNs and what they are. So what’s zero-trust and how’s a zero-trust network run. What are we looking for here in the near future? More than half of businesses will be zero-trust.
Hi everybody. Craig Peterson here. Thanks for being with us today. Of course, you’ll find me online as well. You can just go to Craig peterson.com. I’ve started to do some three-minute training.
So the first one went out on Wednesday and I was really surprised just how much work it takes to make a three-minute training. But we did it, we got it accomplished. We’re going to try and have a couple of those a week, plus the weekend newsletter, which is, of course, a fair amount of work, but we’re doing it for you. Hopefully, you got a lot out of it.
I got a crazy number of responses to the first video. So thank you. Thank you. Thank you for your responses. Hopefully, I got back to you in a reasonable amount of time here, and we’re able to help you out a little bit. Anyhow, if you missed it, go look back on Wednesday this week that’s when I put out the first one. So it should have been in your email box Wednesday. As usual, it’s from firstname.lastname@example.org. So if you’re not getting them and you think you should be double-checking to make sure I am in your contact list or whitelist me somehow so that you get those. They’re important. I’m going to be doing more of those a week just to kind of a light touch. Let you guys know what’s up.
So VPNs have been around now for more than a couple of decades, they’ve been fantastic. They’ve saved a lot of businesses a lot of money. Now course, they tend to be kind of dangerous, particularly these free VPNs and the commercial ones that you’re using, to somehow try and make yourself more secure. I just shake my head every time I hear these ads that are misleading. They are lying to you it’s really not going to protect you that much, frankly, if at all. It gives a little bit of privacy in certain situations, but not in others. I had a great call with Doug in fact, this week. And he was having some problems. He is a small business guy been in business for a long time, sold his business and now he’s almost 80. I think he said he was 78. He’s kind of back in business, again, keeping himself busy and occupied. He was wondering and worried about trying to keep some of this stuff secure. So we went through it a little bit with him.
He uses macs, so it is definitely easier to keep secure. When he’s on the road, he has one of these little devices he takes with him that allows him to connect to the internet from Verizon. One that directs you directly connects you to the internet, which is dangerous. Another one that provides you with what’s called Nat or network address translation that’s a little bit safer. So he’s going to send me a model number in particulars of what he’s using so that I can help him out a little bit.
By doing that, he’s no longer tying into the wifi at the airport or on the airplane or at the coffee shop, wherever he’s going. He’s got his daughter doing that too, which I think is a very good idea. I know a lot of people, as well that do that. I do it as well. I have one of those little devices. I just replaced the battery in mine because it started swelling. The lithium-ion battery starts to swell, you’ve got to replace them. What can happen is when they swell they will short out and can start a fire. So be very careful about that.
So he’s smart enough to know that you don’t want to use public wi-fi. He effectively brings his own little wifi device with him, which is again, a great idea.
Some people try and use VPNs when they are out there on the road and connecting back into the main office or into their homes. I have that as well, and that lets me get directly in.
Most of the time now, what we’ve been doing for our office and for our customers is putting together zero trust networks. These are far more secure than anything else we have out there right now, as far as firewalls and everything else goes. The idea is, just like its name implies, that we’re looking at everything. We’re no longer just trying to do what’s called a perimeter security approach where we have a firewall at the perimeter.
Now we are trying to protect ourselves and our businesses from any kind of attack, including insider attacks, including the lateral movement that I’ve talked about so many times before. Where a bad guy gets a foothold inside of a network and that bad guy immediately tries to start spreading things. Very dangerous. Very, very dangerous. There’s a number of other flaws too. Perimeter security just doesn’t do a good job of counting for any third parties any vendors you might be working with contractors, all of your supply chain partners. If attackers steal somebody’s VPN credentials, now the attacker can get into the network and roam freely. Like I’ve talked about many times.
Many of us use the same username and password on pretty much every device out there. That’s a problem because when it gets onto the dark web, now the bad guys have it. Plus the VPNs over time have become a lot more complex and very difficult to manage.
It’s rare. I say rare but I’ve never seen an exception. In other words, it seems that these businesses have misconfigured VPNs. It seems to be a pandemic out there, frankly. A lot of pain around VPNs.
So this is going to change it all. You are. We’re going to have different equipment internally. Your devices are not gonna be able to connect to each other directly.
So the way we have it set up all of the devices on a network, instead of speaking directly with each other, have to go through at least a firewall. The firewall watches what they’re trying to do even inside the network. So it’s no longer just out there at the perimeter. Frankly, what we’ve been doing with VPNs, it’s just clunky. It’s outdated. Frankly, kind of dangerous. So keep all of that in mind.
All right if you need a little help, if you have some questions, I am more than glad to get on the phone with you guys and chat a little bit and help steer you in the right direction. You can just email me M E @craigpeterson.com and I’d be more than glad to get back with you. So keep all of that in mind. VPN is dying. Zero-Trust is what’s coming down the road.
Now, I just mentioned the problems of potential internal threats, and that can include bad guys that are in your network, spreading laterally, as I just mentioned, but it can also mean that your employees are the problem.
I’ve seen that before I had it happen to me, where I had an employee who took all of my customer records and took my customers with him. I could not believe it. I still can’t believe it to this day. What he did I don’t understand it. What does he think he’s doing? He may have built up a relationship with my customers. I don’t think he brought a single customer in. In fact, he built up a relationship with my customers, and then he figured, they’re his customers now because he has a relationship with them.
So forget it, Craig. They’re his customers. It is just absolutely amazing.
Shopify, which many of you have heard of before and many people are using. Has found that two of their support team employees were involved in a scheme to steal customer transaction records from specific merchants. It affected apparently fewer than 200 merchants, but there’s an example of where zero-trust can really come into play. Do your sales guys have access to information they shouldn’t have?
How about some of your support people? We have to make sure we’re monitoring where they’re going and what people are doing within our networks. Okay.
When we come back, we’ve got a couple more things to talk about Microsoft, Wanna Cry is coming back up again.
We’ll be right back.
More stories and tech updates at:
Don’t miss an episode from Craig. Subscribe and give us a rating:
Follow me on Twitter for the latest in tech at:
For questions, call or text: