To help you decide on your approach to using a VPN for remote access, we have just released our new VPN guidance.
We know many of you struggle with the multitude of configuration options and products available when making decisions on VPN use, and we’ve received questions on Twitter too. So we’ve taken the opportunity to add to our existing EUD content with some additional VPN-specific recommendations.
Aimed primarily at enterprise administrators and risk owners, the new guidance should help you to understand the characteristics of VPNs, and their implications in terms of risk.
We’ve also clarified our position on a number of points, including the choice of protocol used by VPNs and whether to used forced or optional routing for your data. These should help to explain why our per-platform EUD security guidance makes the recommendations it does.
As always, if you have any feedback on our guidance, please use the Contact Us page to get in touch.
Source: National Cyber Security Centre
