VPN Cybersecurity Best Practices in Light of COVID-19

Given the increase in remote work due to the Coronavirus disease, the Department of Homeland Security Cybersecurity and Infrastructure Security Agency is urging organizations to adopt heightened best practice cybersecurity for enterprise virtual private network (VPN) solutions.

VPNs provide secure remote access to internal networks and are often used to remotely and securely connect to an organization’s network to easily access and electronically share data.

However, a variety of VPN applications have vulnerabilities that could allow a hacker to take control of affected systems. Some patches have been released, but organizations should be sure they’ve updated to the latest system or employed workarounds.

Hackers have been targeting the VPN vulnerabilities in the US and other countries since the initial alert. Those attacks have continued through March, but many organizations have still failed to patch those known vulnerabilities. With the increase in remote work, CISA is also warning organizations that hackers are finding and targeting vulnerable VPN connections with malicious cyberattacks.

Further, as VPNS are likely always in use, it’s not always possible to keep them updated with the latest security updates.

As a result, cybercriminals will likely increase the rate of phishing emails targeting teleworkers to steal credentials. And those organizations that have not implemented multi-factor authentication (MFA) for remote access will be more susceptible to phishing attacks.

In response, organization should:

  • Update VPNs, network devices, and other devices being used in the remote environment
  • Employees should be made aware of the heightened risk of phishing attacks during the pandemic
  • Lean on NIST guidance to ensure your reducing exposure.
  • Implement MFA on all VPN connections
  • Use strong passwords

Your IT provider should:

  • Be prepared for increased need for cybersecurity
  • Increased Log review
  • Detection and monitoring
  • Employ incident response and recovery
  • Perform limit testing on VPN to ensure it can handle increased traffic
  • Be prepared to look out for suspicious traffic and investigate those incidents.
  • Someone dedicated to monitoring alerts and suspicious activity.


Considering many organizations are asking employees to telecommute, hackers will likely prioritize breaking into VPNs. Patching known bugs is step one (and absolutely critical), but it’s not enough. There are unpatchable weaknesses and non-public issues that hackers can exploit. To secure against these unknowns, companies need to look at the fundamentals.


RWK IT Services

Published by
RWK IT Services

Recent Posts

How Our IT Solutions Can Help You Scale Your Business

As every new email and headline reminds us, we’re living in uncharted territory in the…

1 year ago

How a Managed IT Provider Can Support Your Remote Workforce

In an office setting, employees can often get quick IT help whenever a problem arises,…

1 year ago

Technology Tips to Share with Your Remote Employees

Whether your company was originally designed to support remote work or not, it’s never been…

1 year ago

Technology Solutions Exclusively for Nonprofit Organizations

If you are a leader in a nonprofit organization, you already know your industry comes…

1 year ago

IT Considerations for Remote Employees

When you think about your company’s workforce, are there any team members that work remotely?…

1 year ago