Does your VPN policy reflect the new reality, and what risks do you face?
Organizations across the US are at increasing risk from cyberattacks due to VPN vulnerabilities, according to The National Security Agency. With an unprecedented percentage of the workforce dialling in remotely due to the ongoing global health crisis, the NSA has issued an advisory warning focused on the importance of properly securing VPNs. The report states “VPNs are essential for enabling remote access and securely connecting remote sites, but without proper configuration, patch management, and hardening, VPNs are vulnerable to attack.” Their instructions include the reduction of the VPN gateway attack surface, ensuring cryptographic algorithms are Committee on National Security Systems Policy 15-compliant, and avoiding the use of default VPN settings.
For the full article please click here.