Remote Access with VPN Requires Additional Security Measures

John Flores
August 13, 2020
Blogs | Cybersecurity | Digital Infrastructure

Pandemic-driven work-from-home requirements have triggered skyrocketing demand for virtual private network (VPN) services. A VPN creates an encrypted, secure connection to an external server, or gateway, which then routes traffic across the public Internet to the corporate network.

VPNs have helped many organizations remain operational by enabling remote connections to the company network. With roughly half of the U.S. labor force now working remotely, service providers say that VPN usage is up by more than 150 percent compared to pre-pandemic usage levels.

That increased usage comes with increased risk. VPNs have long been a favored attack vector for cybercriminals using man-in-the-middle attacks, DNS hijacking, and other exploits to steal data or launch malware.

Common Vulnerabilities

VPN gateways are attractive targets for several reasons. Since they are usually directly accessible from the Internet, they are susceptible to network scanning, brute-force attacks, and zero-day vulnerabilities. Additionally, they aren’t always updated regularly. Because VPNs are expected to be operational and available at all times, organizations often figure they can’t afford the downtime required to install updates and security patches.

Finally, most VPNs require a conventional username/password combination, which can be guessed or stolen. Compromised VPN credentials are valuable to cybercriminals because they can provide broad access to network resources.

Anticipating the increased dependence on VPN connections at the onset of the pandemic, the Department of Homeland Security issued an alert that warned organizations to expect an increase in attacks. In particular, officials reported that remote code vulnerabilities allowed hackers to run malicious code on unpatched servers. To mitigate such vulnerabilities, the DHS urged organizations to augment basic VPN security with a variety of additional measures.

Layering Security

At Converge Technology Solutions, we’ve made VPN security a key element of our Remote Work Enablement services. Our cybersecurity team is helping clients improve their remote access capabilities by implementing several additional layers of security on top of their standard VPN access. We recommend the following solutions and practices:

  • Use multifactor authentication. VPN login with a username/password combination is too easily defeated. It is well-established that the vast majority of data breaches involve compromised passwords. MFA requires a combination of verification factors, such as something the user knows (a password or PIN code), something the user has (a security token or mobile app) and something the user is (a biometric identifier). Microsoft research shows that MFA blocks 99.9 percent of all automated cyberattacks.
  • Implement Domain Name System (DNS) filtering. DNS filtering blocks users from accessing malicious domains, IP addresses, or cloud applications before a connection is ever established. When a user clicks a link or types a URL into their browser, it launches a DNS request to DNS resolving service. If the domain or IP address is known to be associated with malicious activity, access is denied. Cisco Umbrella is a secure Internet gateway that delivers DNS-layer protection at all ports and protocols along with direct-to-IP connections.
  • Secure all endpoints. Remote workers may use a variety of devices to access network resources, which creates multiple attack surfaces. Endpoint security solutions usually consist of software loaded on a server or gateway appliance, where it can be accessed by devices with lightweight client software. The server authenticates logins from the endpoints, and it also updates the client software when needed.

Remote work is the “new normal” for most businesses today, and many will likely make it a more permanent option once the pandemic has passed, which means organizations should be prepared for long-term reliance on VPNs for remote network access.

Follow Us

Recent Posts

Why CTEM Is the Future of Security and Easier Than You Think

Over the years, we’ve seen pivotal moments in cybersecurity where innovation fundamentally reshaped how organizations manage threats. From the introduction of application-layer firewalls and the early days of security information and event management (SIEM) to the...

Amazon Elastic VMware Service Is Now in Public Preview

Accelerate VMware Cloud Migration With Amazon EVS Earlier this week, AWS announced the public preview of its Amazon Elastic VMware Service (Amazon EVS), bringing the company closer to having its own fully operational, first-party VMware service. For businesses...

Sustainable IT: Tracking the Latest Trends for the Public Sector

The public sector is undergoing a major technology transformation. But while modernization often focuses on speed, scalability, and user experience, there’s another priority rising fast through the ranks: sustainability. From local government agencies to federal...

Want To Read More?

Categories

You May Also Like…

Let’s Talk