Solving the COVID-19 VPN Security Risk Most Companies Are Missing

Things are changing fast. As of March 17, 2020, an unprecedented number of people around the world were in actual lockdown (across Malaysia, Spain, Italy, France, El Salvador), and it seems like schools globally are shutting down and people are being asked to stay home and, if possible, work from there.

Most CISOs and IT security professionals you speak to today are racing to scale up their remote access services to support their entire employee base, so business continuity isn’t impacted while employees connect to corporate IT from home. This spans a wide range of activities, from defining permissions and security and expanding infrastructure to setting up remote access for the majority of employees who usually do not need it. Archana Kesavan, director at ThousandEyes, was quoted by eWeek saying that, to complicate things, “IT support is not prepared for remote workers in such a large amount”.

To ensure this remote access doesn’t compromise corporate security, companies like Amazon are looking to use services like Virtual Private Networks (a.k.a. VPNs) that are normally used for a small percentage of employees who regularly need remote access.

A Freeway Running Through Your Pillow

Think of the street right outside your bedroom window that now has to support the rush hour traffic of a 5-lane highway, overnight. Like a pyramid that’s been flipped, VPNs and remote access services have gone from supporting a fraction of corporate activity to becoming the main channel through which enterprises are communicating with their employees.

VPNs in the COVID-19 pandemic have become business continuity lifelines. While it’s anyone’s guess how long this period will continue, all the experts agree that it is going to get worse before it gets any better and could last for months.

The VPN Security Achilles Heel

Business continuity plans are meant to prevent denial of service. Since VPNs are usually used in a limited fashion, the impact of an unusable VPN on overall business continuity is normally negligible.

But not anymore. Inoperable VPNs will effectively grind a large part of the business to a halt.

Distributed Denial of Service - VPN Style

Due to the negligible risk that VPNs usually pose to business continuity, companies may not have bothered to validate that their DDoS mitigation solutions were configured correctly to protect them. In over 6 years of working with leading Fortune 1000 and Global enterprises to validate & strengthen their DDoS mitigation solutions, MazeBolt has never seen a request to validate DDoS mitigation configurations for VPN services. There was never a good reason to do so.

There is one now.

The problem enterprises are facing is daunting because there’s no single default DDoS mitigation configuration setting that works for all VPNs. This means that companies need to validate their potentially vulnerable DDoS mitigation configuration against multiple possible DDoS attack vectors at a time when maintenance windows are hard to find.

Helping Secure Business Continuity Through Coronavirus

MazeBolt, an Israeli cyber security company, developed the RADAR™, which was designed exactly for challenges like this, and launched it in 2019. Working transparently 24/7 without impacting ongoing operations, it provides enterprises with real-time validation of their DDoS mitigation solutions. This way, vulnerable DDoS configuration mismatches can be continuously identified and resolved in real time and re-validated immediately. This is the equivalent of conducting a 3-D CT scan on an Olympic runner while she’s sprinting. Based on patented technology, the RADAR ensures DDoS mitigation solutions are always working as expected to mitigate denial of service attacks.

Update: Free SaaS based Limited Disruptive Validation Offering

In an effort to help secure business continuity across our ecosystem, MazeBolt is extending a helping hand to all organizations. We will validate your organization’s VPN security against DDoS attacks at no cost or commercial compensation.

Using our RADAR patented technology to limit disruption we’re offering:

  • A 20-minute DDoS validation of VPN services
  • Limited disruption to ongoing business operations (Based on DDoS RADAR)
  • Automatic cut-off technology (Based on DDoS RADAR)
  • Coverage of most likely VPN DDoS attacks
  • Vendor Report explaining how to close vulnerabilities detected

Please submit your registration and we’ll contact you to schedule the validation.

About MazeBolt

MazeBolt is an innovation leader in cybersecurity and part of the DDoS mitigation space. It offers full DDoS risk detection and elimination and works with any mitigation system to provide end-to-end full coverage, supporting organizations in avoiding downtime and closing DDoS vulnerabilities before an attack happens.

About Yair Melmed

Yair is Vice President of Solutions & Customer Success at MazeBolt. He brings more than 20 years of Enterprise Sales, Account Management, Business Development & Finance experience and excels in rapid growth environments. Before joining MazeBolt, Yair spent five years in the homeland security industry, where he established and led the Account Management team for multi-billion dollar projects. Yair holds an MBA from INSEAD, Fontainebleau and a B.A. in Philosophy & Economics from the University of Haifa, and enjoys pre-dawn open water swimming.