VPN(s)
What has been found
VPN(s)
VPNs are a useful way to securely access a company network remotely. However, they are attractive targets for attackers and pose some risk if not well managed.
Why this strengthens security
VPNs help preserve confidentiality and integrity of data in transit by encrypting network traffic between endpoints. When properly configured and managed, they mitigate the risk of unauthorised interception and are a critical component of a secure remote-access strategy. Modern VPN implementations using strong encryption protocols (e.g. IKEv2/IPsec, OpenVPN, WireGuard) and multi-factor authentication significantly reduce the likelihood of credential theft and session hijacking.
Potential improvements
-
Apply strong authentication: Enforce multi-factor authentication (MFA) for all VPN users to minimise the risk of credential compromise.
-
Restrict access: Configure VPN access based on user roles and least privilege principles, limiting access to only required internal systems.
-
Patch and maintain: Keep VPN appliances and associated infrastructure updated to mitigate known vulnerabilities.
-
Monitor and audit: Continuously log and review VPN connections, authentication attempts, and usage patterns for anomalies or suspicious activity.
-
Enforce encryption standards: Ensure use of current cryptographic protocols and disable deprecated ciphers.
-
Evaluate Zero Trust transition: Assess feasibility of adopting a Zero Trust architecture for granular, identity-aware access control.
How to verify ongoing effectiveness
-
Validate that the VPN uses modern encryption protocols (AES-256, TLS 1.3, or equivalent).
-
Conduct external vulnerability assessments of VPN endpoints to ensure no outdated or exploitable services are exposed.
-
Confirm MFA enforcement and review access control policies regularly.
-
Analyse logs for unusual login attempts, especially from foreign or unrecognised IP ranges.