We’re looking for a VPN solution for our remote workers but we don’t want to give them access to our internal network through the VPN, basically just protecting their laptop when they’re on public WiFi. Maybe something like NordVPN. I have a few questions regarding security.
Are there any security concerns when giving our employee a public VPN account?
What’s the best way to handle employee access to VPN other than our corporate VPN?
And will they still need to use MFA for services like NordVPN?
If yes, and they’re not accessing corporate network through the VPN then why does it make sense to use MFA?
I believe I have the answers but I just want to bump heads with other security professionals and get some ideas.