We’ve all had days when we think to ourselves, “Man, I wish I could just work from home in my PJs.” Recently, as companies are allowing more employees to work remotely, VPN security is a greater concern and there is a growing need to monitor VPN tunnels.
Home is where your work is
As technology advances, companies have been able to hire employees all over the globe and teams can work together as though they are right beside each other. This is great news for companies and employees alike. Businesses aren’t limited to local talent and workers can now work from the comfort of their home in PJ pants with their pets as coworkers. It’s pretty convenient, I must say, especially when I’ve forgotten about laundry day.
It seems like this benefits everyone involved. But one group needs to work harder than ever before: the network team. With the new users suddenly funneling in through VPN tunnels, the network teams needs to make sure that only the employees come through, and that critical data isn’t leaving the tunnels.
Keeping those tunnels safe
There are a wide variety of VPN applications that can be used via mobile device as well as on PC. Most of these are fairly safe, but that does not stop bad actors using remote code execution (RCE) from trying to make their way in. Once in, they will try to hijack usernames and passwords to move laterally through the network, sending data out as they go. As for how they actually get in, there are a few different ways, be it through CentOS-based systems or known vulnerabilities in VPN software. You can read more about these
issues at ZDNet
Scrutinizer helps monitor for activity like DNS command and control, DNS data leaks, and botnets with the help of our FlowPro Defender appliance. No FlowPro Defender? No problem. Scrutinizer can still help you view not only top talkers, but all conversations occurring on your network no matter how large or small. Why is this significant? Well, sometimes a large amount of data leaves a network all at once. But sometimes, it will leave in small pieces to different destinations, so the ability to see all conversations is a must.
Concluding thoughts on VPN security
What can we glean from this? Firstly, VPN vulnerabilities will happen, especially as working from home becomes more common. Next, there are ways that Scrutinizer and our FlowPro Defender can help you monitor for and alert on data leak behavior so you can quickly and effectively resolve the issue. If you’d like to try Scrutinizer and or our FlowPro Defender, click the download links and don’t hesitate to reach out to us if you need help.