VPN False Sense of Security

VPNs (Virtual Private Networks) made headlines last week after the National Security Agency (NSA) warned corporations could be vulnerable to cyber-attacks if not correctly secured. The warning comes as organizations adapt to office closures, and employees continue to work from home.

Foreign hackers could exploit Palo Alto Networks' vulnerability. "Please patch all devices affected by CVE-2020-2021 immediately, especially if SAML (Security Assertion Markup Language) is in use. Foreign APTs (Advanced Persistent Threat groups) will likely attempt exploit soon," the U.S. Cyber Command said on Twitter.

The vulnerabilities allow attackers under certain conditions to take control of a device without needing a password. Once control over a device is lost, hackers can gain access to the rest of the network. The issue is a critically severe flaw gathering a maximum possible risk rating of 10. 

VPNs allow remote devices to securely connect to a corporate network and act as if the remove device was on the local network with access to local servers, applications, storage, and printers. While VPNs provide a level of protection, VPNs do not protect data from malicious or accidental insiders that already have access to the corporate network.

With employees more likely to be working from home, data protection needs to move from a perimeter or device concept to a data-centric approach. A data-centric data protection solution will persistently protect the data. Data can originate on an employee's endpoint or from a SaaS solution like Salesforce, Workday, Github, or Quickbooks.

A recent Digital Guardian report highlighted a 123% increase in the volume of data copied to USB drives during the COVID-19 pandemic. The same story also shares an 80% increase in data egress across all channels during the same period.

SecureCircle's Data Access Security Broker (DASB) protects data at times, including at rest, in transit, and in use. DASB is the only Data Loss Prevention (DLP) solution focused on data. Data is monitored and tracked as it moves between files and applications. If protected information is copied and pasted into a new document, DASB will automatically protect the new document with the same permissions as the original content.

The key to any security solution is the solution must be transparent. Legacy approaches ask employees to change their behavior and reduce their productivity. Compatible with any application, DASB is entirely transparent to users and doesn't require any change to the workflow.

After patching the Palo Alto Networks VPN, consider SecureCircle to protect data within the corporate network, on endpoints, and in your SaaS applications.

VPN False Sense of Security