The Department of Homeland Security's cybersecurity agency this week shared tips on how to properly secure enterprise virtual private networks (VPNs) seeing that a lot of organizations have made working from home the default for their employees in response to the Coronavirus disease (COVID-19) pandemic.
"As organizations elect to implement telework, the Cybersecurity and Infrastructure Security Agency (CISA) encourages organizations to adopt a heightened state of cybersecurity," an alert published says.
Malicious actors expected to focus attacks on teleworkers
Since more and more employees have switched to using their org's VPNs for teleworking, threat actors will increasingly focus their attacks on VPN security flaws that will be less likely to get patched in time if work schedules will be spread around the clock.
CISA also highlights the fact that malicious actors might also increase their phishing attacks to steal the user credentials of employees working from home, with orgs that haven't yet implemented multi-factor authentication (MFA) for remote access being the most exposed.
Is your organization teleworking because of #COVID19? Here are some key recommendations on enterprise VPN security. "Organizations may have a limited number of VPN connections, after which point no other employee can telework," CISA adds.
"With decreased availability, critical business operations may suffer, including IT security personnel’s ability to perform cybersecurity tasks."
Mitigations for boosting enterprise VPN security
Among the mitigation measures recommended for organizations considering telework options for their employees because of the Coronavirus disease (COVID-19) pandemic, CISA lists:
- Keeping VPNs, network infrastructure devices, and devices used for remote work up to date (apply the latest patches and security configs).
- Notifying employees of an expected increase in phishing attempts.
- Ensuring that IT security staff are ready for remote log review, attack detection, and incident response and recovery.
- Implementing MFA on all VPN connections or required employees to use strong passwords to defend against future attacks.
- Testing VPN infrastructure limitations in preparation for mass usage and take measures such as rate-limiting to prioritize users that will require higher bandwidths.
As part of its teleworking guidance, CISA also advises organizations to review DHS documentation on how to secure network infrastructure devices, avoid social engineering and phishing attacks, choose and protect passwords and supplement passwords, as well as the National Institute of Standards and Technology (NIST) guide to enterprise telework and BYOD security.