No flaws found in OpenVPN software. Our response to the CVE-2019-14899 vulnerability report.

A Better Alternative to Usernames and Passwords

Case Study: DevSquad

DevSquad is a large company headquartered near Salt Lake City, that specializes in providing tailor-made and innovative on-demand software. They possess broad industry knowledge and have proven themselves in a wide range of projects — from computer vision to industrial printers, and from product prototyping to regression testing. They are always up for a challenge and are passionate about developing great software. With over a decade of experience, they are definitely a force to be reckoned with in the tech industry.

The Challenge

With headquarters located in Utah, the company’s remote workforce connects from all over. The company needed a solution to provide its team with secure ways to connect to corporate servers and client servers. As a security-conscious firm, they set up a bastion host to provide access, but without a reliable VPN, DevSquad relied on a community username/password system — that was not as secure or effective as they wanted.

DevSquad recognized that despite training and policies, some employees just won’t choose strong enough passwords, and they needed a better way to ensure the people accessing the network were who they said they were. The company started looking for a new solution to securely connect their remote workforce while providing easy ways to implement access control and end-point authorization measures such as two-factor authentication.

Our Solution

OpenVPN Access Server provided DevSquad with an easy way to keep the company’s remote workforce connected. The company downloaded Access Server on AWS using Terraform, which made it easy for DevSquad to implement. OpenVPN Access Server was launched on an Amazon Machine Image (AMI) within their Virtual Private Cloud (VPC). Remote employees can connect to the VPN and gain access to network resources within the VPC — and Devsquad can protect their cloud services within their VPC without granting public access. To meet their access control and end-point authorization needs, DevSquad enabled two-factor authentication (2FA) for all of their clients and employees. By implementing 2FA, attackers are less likely to successfully impersonate employees or clients to gain access to devices and networks containing sensitive business resources. OpenVPN Access Server allows DevSquad to take care of business securely and effectively, with a much lower risk of network intrusion.

+

“What I most like about OpenVPN is that it’s easy to setup and use, and we can easily enable 2FA for all of our clients and employees. If you need a simple and secure VPN, you should use OpenVPN.” – Marcelo Domingos, CEO of DevSquad


OPENVPN ACCESS SERVER IS FREE TO TEST ON TWO VPN CONNECTIONS.

Want to know more?
Back to top

Further Reading