My company provides an Internet banking service for credit union members. Our local office administers the Web server that provides authentication, then accesses the banking database through the Internet at the remote credit union. Our connection between our credit unions is currently 128-bit encrypted, but creation of a VPN has been proposed between our office and our credit unions to strengthen security. Is creating a persistent VPN for data already encrypted overkill?
