Are Your Employees Ransomware Ignorant?

A new survey suggests that many employees don't know what ransomware is or how to avoid it. Read tips for protecting your organization and its data. Read More

New Vulnerabilities Are Emerging: Addressing Multi-Vector Attacks Now Is Important

Cybercriminals are using more sophisticated techniques, including attacking Macs and multi-vector attacks. Learn what steps can prevent such attacks. Read More

Cyber Awareness Leads To Better Cybersecurity

Employers must stress cybersecurity practices for teleworking employees. We examine. Read More

Has Social Distancing And Remote Workers Made Your VPN More Vulnerable?

With millions of Americans working from home because of the coronavirus pandemic, information technology departments may be too stretched to keep networks updated. Virtual private networks have been overloaded with remote workers. Shuttered nonessential businesses are also easy targets.  


Federal officials warn that hackers are likely to take advantage of this environment to attack organizations.


The Federal Bureau of Investigation warns that phishing scams targeting businesses are on the rise. The World Health Organization reported that hackers recently created a malicious site that spoofed the WHO's website.


Although some cybercriminals will attack with ransomware, other breaches may not be discovered for weeks or months. Well-organized cybercrime organizations and nation-states may lie dormant as they learn more about the environment and search the compromised network for valuable data, including bank account numbers, trade secrets, and personally identifiable information.


Hackers may steal information inconspicuously little-by-little or wait until an organization is most vulnerable to attack all its assets at once. Cybercriminals may even use stolen nonpublic information to profit on the stock market. David Uberti "Coronavirus Cybersecurity Fallout Might Not Be Felt for Weeks or Longer" (Mar. 25, 2020).

Commentary and Checklist

With increasing numbers of individuals working from home, a major cybersecurity challenge now is balancing productivity with protection.


Consider ways to scale up your VPN that also maintain cybersecurity. Work with cybersecurity experts to safely increase your VPN seat count or capacity. Require employees to use a unique, strong password and two-factor authentication when accessing your VPN. If possible, have employees access data and applications via the cloud, which does not require them to use a VPN.


Maintain your networks and be proactive about installing patches.

The Cybersecurity and Infrastructure Agency at the Department of Homeland Security is urging employees to patch their systems, watch for abnormal activity, and properly configure firewalls on their devices. Employers should pass on these recommendations to all employees working from home.


If possible, require employees working from home to use work-issued devices when they access the network remotely. The use of personal devices, email, and file sharing accounts greatly increases an organization’s risk. Employees using personal tools to access your organization’s network makes a successful data breach both more possible and harder for intrusion- detection tools and cybersecurity teams to discover.


The pandemic will lead to long-term cybersecurity risks. Organizations that are able to securely maintain their networks as they scale-up and create safe work-from-home practices will fare far better.

Finally, your opinion is important to us. Please complete the opinion survey:

Sign In

Are you a new user?

Register here

Retrieve password