Increasing Vpn Security In A Multinational Environment With Military Grade Encryption

A Fintech company with remote operations needs secured solutions to facilitate business communications and the transfer of data between employees. VPNs are solutions that help with this need for security while also reducing the costs of communication.
However, what happens when your deployed VPN holds certain vulnerabilities with security? How do you get rid of these vulnerabilities, improve security, and also limit your costs on advanced infrastructure deployment?
Our case study focuses on how Acme Widget improved its VPN environment by working with a GIAC-authorised professional.

Acme Widget established a headquarter in North America in 2001, with the primary aim of operations being to provide financial, legal, tax planning, and treasury support to the Italian headquarter and for North American operations. 30 staff members were hired, office renovations began, and members were required to work from home.
This remote work environment created a problem relating to the secure access to emails and departmental files on the existing office server. The existing RAS server couldn’t accommodate 30 remote users. To fix this, a Windows 2000 VPN with 25 PPTP ports was set up at the office, and firewalls were deployed at each user’s home to assure security.
A GIAC professional was hired to run an assessment on the new VPN deployment and an issue was found with VPN termination points within the framework. Terminations behind the firewall and on the domain controller posed major threats to sensitive user account details, financial information, and server integrity.

A new VPN that was rid of these was the obvious solution and our GIAC professional identified one that additionally reduced costs by offering a managed server solution; Cisco VPN.
The new military-grade Cisco VPN implemented IPsec instead of PPTP ports and this allowed for improved activity transparency through accurate traffic logs. Computer-level authentication was also added to user-level authentication, ensuring greater security all-round.

The initiative of Acme Widget to hire the services of a GIAC professional saved it from massive losses that would have occurred through a vulnerable VPN deployment. This improvement in VPN was also achieved on a limited budget, over a short period, and covering large multinational locations.
The terms “multinational locations”, “financial information”, and “user authentication” point to how useful a secured VPN deployment is to Fintech companies.