Because of remote work, the use of VPN network has exploded again as is the case for a large part of digital solution.
Businesses are forced to use secure connection solutions, not only to keep their exchange confidential, but also to ensure that sensitive information cannot be intercepted by people with bad intentions.
This article will also interest you: These VPN networks that have not kept their promises to their users
However these digital tools are not free of security flaws. "It seems that employees' remote work continues for some time to come and that companies will need to maintain their efforts to connect their employees safely. With this in mind, it is always useful to check that the virtual private network (VPN) set up by the company is not vulnerable. Susan Bradley, IDG NS
For this reason, several recommendations have been made by the National Information Systems Security Agency, the French authority in charge of cybersecurity systems and networks and the NSA, the US National Security Agency.
Remote employee work requires companies to provide secure VPN connection solutions. But to minimize vulnerabilities, you have to set them up. Here are 5 important security points to check.
Recently released, the U.S. security agency's "Secure Virtual Private Networks IPsec" document lists the tasks that must be performed on a regular basis to secure its VPN network. The same goes for the French Cyber Security Agency. The NSA's advice can be summarized in these six major points:
– Reduce the attack surface of the VPN bridge;
– Verify that cryptographic algorithms comply with Committee on National Security Systems Policy (CNSSP) Standard 15;
– Avoid using the default VPN settings;
– Delete unused or non-compliant cryptographic suites;
– Apply updates (fixes) provided by publishers for gateways and VPN customers;
Let's do a little more analysis of these different security steps.
1) Always have the latest software version of its VPN
In a way this is clear, and the board is not new. In particular, following a study conducted by the USCert whose results were published in January 2020, the use of VPN Pulse Secure software by hackers, then present a certain generality, to resuscitate ransomware. The security flaw how to allow different ways to take advantage and cause maximum damage: "A remote, unthentified attacker could compromise a vulnerable VPN server. It could access all active users and their clear text identifiers. It could also execute arbitrary commands on each VPN client by successfully connecting to the VPN server." Precise NSA report. However, to protect yourself from such a situation, you simply have to have your software up to date, by running the latest security updates.
2) Control VPN connections
Of course, you have to do checks on this VPN connection. Because it is not insignificant to make sure that they are always so safe. Reviewing the various parameters, except in a layer of insurance and protection, reducing the chances of passing a generality due to mismanagement of parameters.
3) Filter network traffic
The common mistake of companies is to simply set up VPN networks. However, it will also be necessary to ensure that this network is open. It is known that cyber criminals are always looking to break into the corporate network through VPNs. In this case, it is essential to put in place very strict login rules, and to ensure an effective method of filtering traffic. Limiting ports, protocol and IP addresses could be a fairly effective set of possibilities. "If you don't have the ability to filter a specific IP address (and this is clearly the case now), you need to set up your firewall to inspect and monitor IPsec traffic and inspect IPsec session negotiations. explains Susan Bradley.
4) Take a look at the VPN settings
When it comes to default settings, you should always look at that. Even the configuration settings set by IT teams to ensure that these same configurations pose more vulnerability problems. It can even be done when setting up the firewalls. This is legitimised by the fact that if the configuration has been done for a long time, there is a good chance that it is no longer suitable for today's time. That is why it is always requested to set up.
5) Apply patches
Like any program, the application of a security part is essential. Security patch means vulnerability. This implies that not applying the patches puts the system where the network, and all activities affiliated with them, at great risk. It is remembered that the attacks they involved in using VPN Pluse could have been avoided if the patches had been properly applied by the editor.
Now access an unlimited number of passwords: