Whether an employee is working from home or on the road, users have the ability to open full data connections to either select systems or entire networks.
While password protection can offer a basic level of access restriction, weak or socially-engineered passwords and single-factor authentication can invite unauthorized access to wireless data and networks. Though conducive to enabling workforce agility, the use of VPN or DirectAccess without proper user authentication and authorization can pose potential security risks.
Requiring passwords for this connection provides only a basic level of assurance the access is from an authorized endpoint, since a leaked or guessed password will grant network entry to any malicious user. High assurance security comes from multi-factor authentication in which the user and the device have been secured by a cryptographically-sound digital certificate and credentials cannot be copied or moved to another device.