With the uprise of the COVID-19 pandemic, workers all over the globe have been forced to work from home if they are not deemed essential to the welfare or survival of society. With this increase in employees working from home, they would have to resort to remotely accessing their companies network to access their resources and do their jobs as they were hired to do, and in order to do so, a company enterprise VPN server is needed. Thus the need and reliance on the service that VPNs provide has vastly increased in such a way that they are now ‘paramount to a company’s backbone’ (ZDNET).
According to both ZDNET and TechRadar, both the UK’s and the US’s Cyber Security divisions have found that cybercriminals are now seeking to exploit enterprise VPNs and other remote tools that employees might endeavour to use to access the company of employment’s network. Therefore it is paramount to secure such communications to reduce the risk of allowing privileged access to unprivileged attacker.
There are various methods of protecting one’s self and their enterprise from a variety of attacks ( most of which have not been discovered yet ) of which a few are mentioned below:
- Log files: Now is the time to delve deeper into the log files for various incoming and outgoing communications using the VPN server and other remote working tools that the company offers. Those full application and network logs, although often disregarded for an oversimplification concocted by another third party application, will contain the details that could expose a loose end or an open hole that must be plugged to ensure data integrity and quality.
- Strongest Authentication and Encryption method: This period of time does not cater to those that are weak willed, thus amping up the security front in terms of the networks authentication method (possibly RADIUS capable) and its Encryption method (possibly AES-256). Those methods are more likely to protect the system than any other convoluted network tunnelling that could be implemented, simply because even if an attacker does manage to get ahold of the encrypted traffic, their ability to decrypt such data without knowing the various keys used in EAP enabled RADIUS server is severely diminished.
- Be Selective: Not all employees need direct access to the company network, and not all employees that do need direct access require its entirety. It might be useful to limit the various employees who do have access to the network and its resources with the use of a VPN service.
Whilst the outside world may seem like everything is coming to a halt, the use and need for VPN connection to various networks are blowing ahead at full speed. Clearly it is vital to both the enterprise and their employee’s online safety to have secure communication tools between their devices and the company’s network. Some other tools and tips to continue the securing process may be found in the reference links below:
Written By: Jarryd Brits