Virtual Private Network (VPN)
Policy
The use of a virtual private network (VPN) is required when accessing Lullabot's servers, or when accessing client's assets for clients that provide VPNs. A VPN should be always be used when working from unknown or untrustworthy locations, like public networks.
Scope
This policy applies to all Lullabot employees and contractors.
Compliance
- Since employees may travel and work outside of their home offices, their devices will be VPN-enabled. This will make it easy to use the VPN when they are working from any untrustworthy location.
- Critical infrastructure assets will be available only to necessary employees via the Lullabot VPN.
Explanation and Implementation
Lullabot and some of its clients provide VPNs that create secure internet connections from your computer directly to internal servers, which then forwards your traffic out to the internet. A VPN protects your traffic from being intercepted and viewed by any local network device, or even by your ISP.
It is important to understand that this only protects your traffic as it moves from your computer to an internal server. This means that once your traffic leaves the internal server, it is not any more secure than it would have been anyway. The protection is from other users or devices on your local network.
Finally, your VPN connection bypasses any local network restrictions. For example, it is not uncommon for public wifi hotspots to block services. By connecting to the VPN, you will automatically bypass any of these network-level restrictions. It is highly encouraged to use the VPN any time you are using public wifi at a coffee shop, airport, hotel, etc. This is especially true if you are using the same computer or other device that you use for work. If in doubt, err on the side of caution and use the VPN.