I've noticed that our users can access websites that are blocked by FortiGuard when they work from home without using the company VPN. While a significant amount of our sensitive data is stored on SharePoint, which users can access remotely, some users require VPN access for specific Azure file shares. Is the best solution to require all users to connect to the VPN, or are there better options to enhance security in this scenario?
5 Answers
A filtered DNS provider can work wonders. If you're considering alternatives, look into solutions like Cisco Umbrella that can provide effective content filtering regardless of the user's location.
If your organization relies heavily on Microsoft products, exploring Microsoft Defender SmartScreen might be worthwhile. It applies content filtering at the device level, helping to manage access effectively.
Using FortiClient alongside EMS can also help enforce web filtering policies. This setup lets you apply similar blocking rules to users at home, depending on whether they are connected to the VPN or not.
Implementing an 'always on' VPN can be really effective. In this arrangement, all traffic goes through the VPN tunnel, further strengthening your security. Just be sure to manage local LAN access carefully.
Consider looking into SASE solutions like Zscaler. They allow you to enforce internet protection, which means users can't disable it and would be unable to access those blocked sites.
