• Skip to primary navigation
  • Skip to main content
  • Skip to footer
Logo of Agilient Security Consultants, Australia

Agilient Security Consultants Australia

Cybersecurity & Risk Management Specialists

Menu
  • Home
  • Industries
      • Aviation
      • Defence & Defence Industry
      • Government
      • Health & Hospitals
      • Corrections and Detention
      • Maritime
      • Aged Care Facilities
      • Mining, Oil & Gas
      • Public Venues & Events
      • Rail
      • Research and Education Industry
      • Telecommunications
      • Utilities
    • advice-colleagues-communication-newIndustries
  • Services
      • Cybersecurity
      • Protective Security
      • Business Resilience
      • Building Security Consultants
      • Security Audits
      • Pandemic Planning
      • Electronic Security
      • IT Disaster Recovery Plan
      • Security Consultants
      • CCTV and Security Cameras
      • Duress Alarms
      • Security Risk Assessment Consultants
      • Managed Security Service Provider
      • Protection against Vehicles as a Weapon
    • training-1Services
  • Solutions
    • banner-menuUnisys Solutions
    • CTO-Blog-110619-Header-GraphicLookingGlass Solutions
    • menu-bg-2Dell Technologies (RSA) Solutions
    • Sightline-Visualization-menuSightline Solutions
  • Resources
    • menumanagers-dealing-customer-agreTraining
    • working-together-newJoin The Tribe
    • Webinars_3-1.jpgUpcoming and Past Events
    • hacking-detected-shutterstock_newResources
  • Articles
  • About
    • About Us
      We are an Australian owned and operated security company specialising in risk, cybersecurity, protective security, crisis and business continuity management services.
    • frequently-asked-questions-smallFAQ’s
    • bg-menu-government-institutionsConsultant Registration
  • Contact Us
Contact Us

Virtual Private Networks (VPNs) – Are They Secure?

You are here: Home / Security News / Virtual Private Networks (VPNs) – Are They Secure?

The ongoing global pandemic has resulted in organisations all over the world urging employees to stay home and work remotely in order to reduce the risk of workplaces falling victim to the highly transmissible COVID-19 outbreak. Organisations have had to rapidly adopt solutions that enable employees to telework, but most importantly telework securely, often via a VPN.

What is a VPN?

One of the primary technologies that enable remote working is the use of a virtual private network, or VPN. VPNs allow remote systems to establish a secure connection to the organisation’s internal network. Once established, the systems connected to the VPN act exactly as they would if they were connected in the office directly to the network. This allows remote workers access to internal file servers, intranet web pages and any other internal service they may require to complete their work.

Potential Vulnerabilities

VPNs are an excellent tool and are also often used to establish secure links between physical sites over the public Internet. However, they are also very vulnerable to cyber-attack, especially if the VPN is poorly configured or uses weak security features. With the large number of remote workers amidst the COVID-19 outbreak, malicious actors have set their sights on weak VPN servers that use poor encryption, as well as directly targeting employees in phishing attacks to gain access to their VPN credentials.

The rush to roll out VPN solutions for remote workers has increased the possibility of overlooked security. An existing system may be outdated, configured with weak encryption protocols, or lack the use of multi-factor authentication (MFA). It is possible that the VPN is not regarded as a particularly vulnerable area of the network, and no matter how strong the security of the internal network is, a weak VPN compromises the entire network.

Another consequence of the rushed rollout is a lack of employee training on best security practices when using a VPN. Employees may mismanage their login credentials or fall victim to a phishing attack. Every possible attack vector must be considered, because a weak VPN can present an attacker with a large hole straight into the internal network.

How to ensure your VPN is secure

To reduce the attack surface, it is critical that the software and host system is up to date, and that the latest and most secure security features are used, such as strong ciphers and key exchange protocols. Most importantly, it’s essential that multi-factor authentication (MFA) is implemented. This ensures that even if an employee’s credentials are compromised, an attacker cannot gain access to the network without the second authentication method. It is also extremely important that users are properly trained on how to use the VPN securely, but also how attackers may attempt to steal personal information and credentials.

Our consultants here at Agilient are subject matter experts when it comes to strong network security and security policy, which is extremely important when rolling out large-scale solutions that many organisations around the world are in desperate need of. We specialise in helping organisations implement secure security solutions that are customised to fit their needs and requirements. If you’d like to learn more about how Agilient can help, contact us today.

Author: Jack Schofield

Tweet
Share

General,  Security News cyber attack,  cybersecurity,  MFA,  remote working,  telework,  VPN

Looking for a security partner? Get in touch with Agilient.

Looking for practical and cost-effective security and risk solutions for your government department, agency or company? Speak with Australia’s leading senior security, risk and resilience experts.


Looking for a pandemic planning partner? Get in touch with Agilient.

Looking for practical and cost-effective risk management solutions for your government department, agency or company? Speak with Australia’s leading senior risk and emergency management experts.



Footer

Agilient is a proud member of

Ai Group Defence Council
Australian Industry & Defence Network
Australian Security Industry Association
Sydney Aerospace & Defence Interest Group

Company and Licensing Details:

ABN: 37 157 911 441
NSW Security Master Licence # 410783087
ACT Security Master Licence # 17502184
Vic Security Registration # 878-460-40S
Qld Security Firm Licence # 3834422

Join The Tribe

Sign up to receive our regular Agilient newsletter including the latest security, risk and resilience updates

Sign up now

Copyright © 2022 Agilient – Level 14, 275 Alfred St, North Sydney NSW 2060 Australia – 1300 341 692