Categories: Cybersecurity

VPN Cybersecurity Best Practices in Light of COVID-19

Given the increase in remote work due to the Coronavirus disease, the Department of Homeland Security Cybersecurity and Infrastructure Security Agency is urging organizations to adopt heightened best practice cybersecurity for enterprise virtual private network (VPN) solutions.

VPNs provide secure remote access to internal networks and are often used to remotely and securely connect to an organization’s network to easily access and electronically share data.

However, a variety of VPN applications have vulnerabilities that could allow a hacker to take control of affected systems. Some patches have been released, but organizations should be sure they’ve updated to the latest system or employed workarounds.

Hackers have been targeting the VPN vulnerabilities in the US and other countries since the initial alert. Those attacks have continued through March, but many organizations have still failed to patch those known vulnerabilities. With the increase in remote work, CISA is also warning organizations that hackers are finding and targeting vulnerable VPN connections with malicious cyberattacks.

Further, as VPNS are likely always in use, it’s not always possible to keep them updated with the latest security updates.

As a result, cybercriminals will likely increase the rate of phishing emails targeting teleworkers to steal credentials. And those organizations that have not implemented multi-factor authentication (MFA) for remote access will be more susceptible to phishing attacks.

In response, organization should:

  • Update VPNs, network devices, and other devices being used in the remote environment
  • Employees should be made aware of the heightened risk of phishing attacks during the pandemic
  • Lean on NIST guidance to ensure your reducing exposure.
  • Implement MFA on all VPN connections
  • Use strong passwords

Your IT provider should:

  • Be prepared for increased need for cybersecurity
  • Increased Log review
  • Detection and monitoring
  • Employ incident response and recovery
  • Perform limit testing on VPN to ensure it can handle increased traffic
  • Be prepared to look out for suspicious traffic and investigate those incidents.
  • Someone dedicated to monitoring alerts and suspicious activity.

Considering many organizations are asking employees to telecommute, hackers will likely prioritize breaking into VPNs. Patching known bugs is step one (and absolutely critical), but it’s not enough. There are unpatchable weaknesses and non-public issues that hackers can exploit. To secure against these unknowns, companies need to look at the fundamentals.

RWK IT Services

Share
Published by
RWK IT Services

Recent Posts

IT Considerations for Remote Employees

When you think about your company’s workforce, are there any team members that work remotely?…

18 hours ago

Password Safety and Other Cybersecurity Measures for Your Business

As a leader or executive in your business, it is your job to prepare for…

3 weeks ago

HIPAA and Your IT Services

Thanks to technology and advances throughout the medical industry, it is common to see more…

1 month ago

Is Your Managed IT Services Provider Effective?

When you make a decision to enlist the expertise of a Managed Services Provider, you…

2 months ago

Common IT Problems That Can Decrease Productivity

As a leader in your company, it is important you are doing what you can…

2 months ago

Is Moving to the Cloud Right for My Business?

As the new year begins, are you taking the time to re-evaluate your business? As…

3 months ago