US Govt Shares Tips on Securing VPNs Used by Remote Workers

The Department of Homeland Security’s cybersecurity agency today shared tips on how to properly secure enterprise virtual private networks (VPNs) seeing that a lot of organizations have made working from home the default for their employees in response to the Coronavirus disease (COVID-19) pandemic.

“As organizations elect to implement telework, the Cybersecurity and Infrastructure Security Agency (CISA) encourages organizations to adopt a heightened state of cybersecurity,” an alert published today says.

CISA also highlights the fact that malicious actors might also increase their phishing attacks to steal the user credentials of employees working from home, with orgs that haven’t yet implemented multi-factor authentication (MFA) for remote access being the most exposed. “Organizations may have a limited number of VPN connections, after which point no other employee can telework,” CISA adds.

CISA also published information on how to defend against scammers who use the Coronavirus Disease 2019 (COVID-19) health crisis as bait to push their scams over the Internet.

Reference:

https://www.us-cert.gov/ncas/alerts/aa20-073a

https://www.who.int/emergencies/diseases/novel-coronavirus-2019/technical-guidance/naming-the-coronavirus-disease-(covid-2019)-and-the-virus-that-causes-it