VPN Access Can Be An Attack Vector The Network: A well known college system with 35+ locations and 30,000 students. The Expectation: Remote access to data center resources is essential but can be an attack vector, so 24/7/365 SOC monitoring is essential. The Catch: Netsurion’s EventTracker detected the same user had simultaneous successful logins but from geographically different locations. The Find: The user was working from home, but her ISP connection failed. She then proceeded to her favorite coffee shop and established a new VPN connection. The Fix: There was nothing to be done. The old VPN connection timed out. The Lesson: Remote access via VPN is often a vulnerability that is exploited by cyber attackers. Careful review of the use of such back doors into the network bear close monitoring.