Dangers of Self-Managed VPNs—And How You Can Mitigate Them

Your self-managed VPN may be doing more harm than good. Recent reports from Cybersecurity Dive and At-Bay noted that remote access tools were the intrusion point to blame for most ransomware attacks and that in particular, self-managed VPNs from Cisco and Citrix were highly susceptible to such attacks. 

At-Bay found that companies using self-managed VPNs (those that are self-hosted, implemented on premises, and maintained in house) are at least twice as vulnerable to cyberattack as those that use VPN service providers or no VPN at all. While VPNs are essential in today’s business environment, service provider VPNs are proving to be more secure. This makes sense: VPN technology is not usually the main area of expertise for the companies that use it, so a self-managed VPN can be misconfigured or grow outdated without the company realizing it. With a service provider VPN, managing and updating the VPN technology is the provider’s responsibility, and they can do this more effectively than their clients can. The tradeoff, however, is that you have less anonymity and control.

Still, if a self-managed VPN is a necessity for your company at this time, there are ways to make it more secure. Courtesy of At-Bay and CyberNINES, here are some tips: 

  • Keep software updates and patches current. Out-of-date software exposes vulnerabilities (like cracks in a fortress wall). 
  • Require multifactor authentication (MFA). 
  • Consider using a Managed Detection and Response (MDR) service. This is an external team of experts who continuously monitor your network for potential threats and provide advice on security best practices. 
  • Consider engaging CyberNINES to perform a basic assessment or tabletop exercise (TTX), both of which can help identify vulnerabilities in your company’s security and can be followed up by suggestions for making your security tighter.

To read the full articles by Cybersecurity Dive and At-Bay, please see the links below: 

https://www.cybersecuritydive.com/news/remote-access-tools-ransomware/716320/?utm_source=Sailthru&utm_medium=email&utm_campaign=Newsletter%20Weekly%20Roundup:%20Cybersecurity%20Dive:%20Daily%20Dive%2005-18-2024&utm_term=Cybersecurity%20Dive%20Weekender 

https://www.at-bay.com/articles/why-vpn-can-be-small-business-weakest-link/