Work from Home Security – Is Your VPN Letting the Hackers In?

In the haste of the rapid changes coming down from government agencies, everyone who could work from home spent the last week or two getting their remote functionality set up.

While this was necessary, the last thing most people were thinking about was the potential security implications.  Even if security was considered, it more than likely did not get the full attention it requires while everyone was quickly working out how to handle everything else.

Now that we are past the initial shock and starting to work full-time from home, we wanted to put together some security posts to help organizations better secure their networks in this new environment.  It is in these unusual circumstances that hackers always try to take advantage.

First, let’s talk about VPNs.  They are incredibly useful tools if secured properly.  Unfortunately, there have been news stories already about hackers targeting VPNs.  What are they targeting?  The answer is improperly configured and unpatched VPNs.

With that in mind, are your firewalls maintained and kept up to date?  The first step if you aren’t sure is to determine if your firewall and/or VPN appliances are up to date on firmware.  Your IT engineers should be patching the hardware on at least a monthly basis and sometimes even sooner if a critical update is available.

The next question to consider is whether the VPN has been configured properly.  There are a few different ways to configure traffic on a client-to-site VPN.  One option is to configure split tunneling, which is a way to only send network traffic specifically destined for the work network through the VPN.  The other option is the opposite – all traffic goes through the VPN.

On the surface, split tunneling sounds like the way to go.  You do not want your employees’ personal web surfing going through your network.  What if they are streaming music while working?  That seems like a bandwidth nightmare, right?

The problem with split-tunneling is that your employee’s computer becomes a gateway into your network.  The employee could accidentally browse a malicious site via their home network which does not have any web filtering, causing that computer to become infected.  Since the computer is connected to the VPN, that malware can enable hackers to access your business network by allowing them to enter through the employee’s home internet.

What about the problem of bandwidth?  With the alternative, it’s true you will use more bandwidth, but you have control over that bandwidth and, more importantly, the traffic.  If you are concerned about music and video streaming, that traffic can be blocked from the VPN.  After all, your employees are working from home.  They could turn on the TV or radio.

You can also turn on web filtering, antivirus scans, intrusion detection and other firewall services to scan all traffic.

This way all traffic will be forced to go through the VPN.  Any other devices on the home network will not be able to communicate with the laptop – the Xbox, Alexa, Google devices, etc.  It will be in a quarantine of sorts.  This dramatically improves security and will limit the exposure of your internal business network.
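
To check which of the two configurations a laptop actually ended up with, its routing table can be audited.  The following is an added example, not part of the original post: it applies longest-prefix matching to a client's IPv4 routes and lists every range that still leaves outside the VPN.  The interface names (wlan0, tun0), the addresses and the three routing tables are constructed for illustration, and IPv6 is not covered.

```python
import ipaddress

def parse(table):
    """Turn (destination, interface) pairs into (IPv4Network, interface)."""
    return [(ipaddress.ip_network("0.0.0.0/0" if d == "default" else d), i)
            for d, i in table]

def bypass_networks(table, vpn_if, allowed=()):
    """IPv4 ranges whose longest-prefix match leaves via a non-VPN interface.

    An empty result means full tunnel; anything else is reachable outside
    the VPN (split tunnel, or a home LAN that can still reach the laptop).
    """
    routes = parse(table)
    leaks = []
    for net, iface in routes:
        if iface == vpn_if:
            continue
        remaining = [net]
        # Carve out every more-specific route; it wins the prefix match.
        for other, _ in routes:
            if other.prefixlen <= net.prefixlen or not other.subnet_of(net):
                continue
            carved = []
            for r in remaining:
                if other.subnet_of(r):
                    carved.extend(r.address_exclude(other))
                elif not r.subnet_of(other):
                    carved.append(r)
            remaining = carved
        leaks.extend(remaining)
    permitted = {ipaddress.ip_network(a) for a in allowed}
    return [n for n in ipaddress.collapse_addresses(leaks) if n not in permitted]

# Constructed routing tables (assumed names and addresses, not from the post).
SPLIT = [("default", "wlan0"), ("192.168.1.0/24", "wlan0"),
         ("10.20.0.0/16", "tun0")]
FULL = [("default", "wlan0"), ("0.0.0.0/1", "tun0"), ("128.0.0.0/1", "tun0"),
        ("203.0.113.10/32", "wlan0")]   # host route to the VPN gateway itself
FULL_LAN = FULL + [("192.168.1.0/24", "wlan0")]   # home LAN still reachable
GATEWAY = ["203.0.113.10/32"]

if __name__ == "__main__":
    for name, table in (("split", SPLIT), ("full", FULL), ("full+LAN", FULL_LAN)):
        print(name, [str(n) for n in bypass_networks(table, "tun0", GATEWAY)])
```

An empty list for a client means everything except the permitted gateway route goes through the tunnel; a remaining home LAN range means the laptop is not yet in the quarantine described above.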

Finally, you should limit what type of traffic can go through the VPN.  If most of the traffic is just web traffic, only allow web traffic.  If it’s a database application on your network, you can limit traffic to that database.  Make a list of everything the users need to access and put access control policies in place to only allow that traffic.

As always, if you have any questions about VPNs or are unsure if you are properly secured, do not hesitate to reach out to us.  We are here to help.

Stay tuned for more security information to keep your business secure while your employees are working from home.