US government issues guidance for enterprises using VPN software

Expect increased phishing attempts and attacks that exploit VPN security flaws

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

With the ongoingcoronavirus outbreakleading many organizations to allow employees to work from home, the US government has shared a list of tips on how to properly secure enterprise VPN software.

In itsalerton enterpriseVPNsecurity, the Cybersecurity and Infrastructure Security Agency (CISA), part of the Department of Homeland Security, has warned organizations to adopt a heightened state of cybersecurity in these uncertain times.

Due to an increased number of employees using services to work remotely, cybercriminals will likely focus their attacks onVPN security flaws. The reason for this is because organizations will be less likely to keep their VPN software regularly updated, especially when employee work schedules will be spread around the clock.

The CISA also warned that cybercriminals may launch additionalphishing attacksin an attempt to steal the users credentials of employees working from home and that organizations that haven’t implemented multi-factor authentication yet, are the most at risk.

Boosting security while working remotely

The CISA has laid out a number of mitigation measures organizations that are currently allowing their employees to work remotely or considering doing so can take to protect themselves.

However, the most important of which is keeping VPNs, network infrastructure devices and other devices used forremote workingup to date by applying the latest patches and security configurations.

The alert also recommends that organizations notify their employees of an expected increase in phishing attempts.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Enabling multi-factor authentication on all VPN connections and requiring employees to use strong passwords are other ways that organizations and employees can stay safe while working remotely.

The next few months will certainly be challenging for all businesses but by taking the necessary steps now, organizations can ensure that their remote workers stay productive and secure.

ViaBleepingComputer

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.

Mozambique VPN usage soars as internet restrictions continue

Retail and tech firms are hackers' most wanted targets – here’s what you can do about it

3 questions to ask before buying a robot vacuum in the Black Friday sales