The Enterprise VPN is a common technology to support remote working during global pandemic outbreak. However, adopting enterprise VPN without proper risk assessment and corresponding mitigation measures could lead to a security incident. It is common to find that cyber-attacks targeting enterprise VPN appliances, while sensitive information disclosure and reputation damage due to ransomware campaign targeting unpatched VPN devices is one of the examples. To cope with the evolving cyber security risks, secure the enterprise VPN is essential nowadays.
HKCERT has published the “Enterprise VPN Security Guideline” to identify the common security issues in enterprise VPN implementation, provide security best practices for IT manager and IT staff to address the risks, and suggest corresponding countermeasures.
It is divided into 3 sections:
(A) Security management and planning
(B) Security architecture, hardening and access control
(C) Security monitoring and incident response
Please click “Enterprise VPN Security Guideline” to download. Should you have any comment or enquiry about the Guideline, you are most welcome to contact HKCERT via email: [email protected] or its 24-hour telephone hotline: 8105 6060.
Is your business effected by Cyber Crime?
If a cyber crime or cyber attack happens to you, you need to respond quickly. Cyber crime in its several formats such as online identity theft, financial fraud, stalking, bullying, hacking, e-mail fraud, email spoofing, invoice fraud, email scams, banking scam, CEO fraud. Cyber fraud can lead to major disruption and financial disasters. Contact Digitpol’s hotlines or respond to us online.
Digitpol is available 24/7.
UK +44 20 8089 9944