InfoSec Insider

VPN Concerns with Unplanned Remote Employees

Forcepoint vpn patch

Maintaining visibility and availability when you suddenly have a large remote footprint takes planning.

The volume of employees working from home is steadily increasing, especially as local recruiting limits the number of skilled people. This along with the current state of coronavirus means that throughout the world, spikes in work-from-home policies are putting pressure on IT teams to scale virtual private network (VPN) access.

Most enterprises build their networks with physical connectivity in mind. Rarely are they designed to support a majority of their users connecting from home offices. Yet, while the number of employees working from home continues to increase, businesses must continue to provide good customer service. If customers feel that they are neglected or are not receiving the level of support they expect, they will find a competitor.

IT must evolve quickly to support this shift, and they must be prepared to minimize different risks. Specifically, organizations need visibility into the VPN.

Expanding the Network for Remote Employees

In some cases, businesses may not have considered remote employees at all when building their physical networks. This is particularly the case in industries where hands-on interactions are essential.

For these businesses, they may be just now designing their VPN from the ground up. This is their opportunity and peril. Because everything will be brand new, organizations have a perfect opportunity to get it right. They can deploy their VPN with security, capacit, and visibility in mind. But they also must be aware of the vulnerabilities and security problems that VPNs can introduce.

For one thing, if deployed incorrectly, or with default settings, VPNs can be the back door for malicious actors, essentially opening up the entire network to the internet. In a recent alert, the U.S. Department of Homeland Security warned organizations of the dangers of vulnerable VPNs. Specifically, “as organizations use VPNs for telework, more vulnerabilities are being found and targeted by malicious cyber-actors.”

Because of this, organizations need to be sure to deploy VPNs with security in mind. Updates and patches should be applied regularly to limit vulnerabilities. Additionally, the connections on the VPN and physical network should be monitored throughout the organization to ensure that IT has all the information they need to stop threats in their tracks and enable a fast response to malicious actors.

Additionally, users must also be aware of treating everything they do on their remote device as though they were working in the office. Malicious actors are aware of the rise in remote employees, and they will stop at nothing to find vulnerabilities in home networks to infiltrate the corporate network. Just because a user is connected to a VPN doesn’t mean that they are completely secure. Phishing attacks are no less effective now than they have been, and they are likely to increase.

Maintaining Security in the Fog of Unknowns

When everyone connects to the VPN at the same time, there are a few problems that organizations face. Businesses either maintain security standards and require all users to continue connecting to the VPN, or they limit the number of connections to the VPN, which reduces security and productivity for team members that require internal applications.

By routing all traffic from end devices to the corporate VPN, IT can still maintain visibility of these devices as though they were physically at the office. Unfortunately, some organizations may attempt to push people away from connecting to the VPN. But telling people to connect to the internet and forgo the VPN is not the answer. Not only does it reduce the security of the business, but it also makes it difficult or impossible for the company to continue running smoothly. Critical applications are often internal-only systems. This means that without connecting to the VPN, users have no access to the tools they rely on.

To maintain business continuity, organizations must be sure to provide the same level of experience to all users, regardless of location. This requires that organizations measure user experience. Measuring latency, jitter, packet loss and other network analytics will give the business what it needs to ensure a certain level of satisfaction for all users.

Providing the same experience for VPN users as physical users is a best-case scenario. Imagine if the VPN link has a capacity of 100Mbps up and down. If you have 100 users connecting to the VPN and sending all their traffic through it, of course the connection quality will quickly deteriorate.

These capacity issues, among others, are why companies must educate their employees on best practices. Users don’t always understand how their connection to the VPN works. In many cases, users authenticate to the VPN automatically when they connect their device to the internet. In these cases, there is almost nothing they need to do to be connected to the VPN. But this presents several challenges. When these users take a break from work and stream a movie on Netflix, they may not realize that the entirety of the connection is being sent through the VPN back to the enterprise network. It would only take a few users streaming 4K movies to create a visible impact on performance and quality for all other users.

Since networks are created with specific routing rules and with different levels of security in place depending on where someone accesses a resource on the network, IT teams must plan these routes with remote workers in mind. Specifically, connections from VPNs should be sure to employ the same best practices that the rest of the network has in place. By leveraging network traffic analytics across the network and maintaining security patches for VPN and other network devices, IT can relax a bit more knowing that the experience will be the same for everyone regardless of where they are located—even when the majority of employees are working from home.

Justin Jett is director of audit and compliance for Plixer.

Enjoy additional insights from Threatpost’s InfoSec Insider community by visiting our microsite.

Suggested articles