Homeland Security Warning for VPN Security Flaws

Companies use enterprise VPNs, or virtual private networks, to allow employees to work remotely. An alert from the Department of Homeland Security just announced, however, that a vulnerability has been discovered in some major enterprise VPN providers.

The vulnerability stems from authentication tokens that store a user’s login credentials on their computer so they don’t have to constantly keep logging back in. This vulnerability would allow hackers to access a user’s information, giving them access to the network along with whatever permissions that user has.

The VPN vendors affected are Cisco, F5 Networks, Palo Alto Networks, and Pulse Secure. Of those, Palo Alto has issued a patch to fix the vulnerability while F5 Networks has suggested that users make sure to use two-factor authentication.

Do you know if your VPN is secure? Give us a call to talk about your network’s security.