NSA to Release Advisory on VPN Security Amid Telework Boom

This week the National Security Agency will offer general guidance on virtual private network security practices as companies begin to adjust to the telework boom after the advent of the coronavirus pandemic.

According to a senior intelligence officer who spoke to reporters on the background, the advisory will come in two parts: an overview for executives that offers "timely and easily understandable" recommendations for security-enhancing VPNs to perform safe telework, and a more comprehensive technical document that provides signatures for network administrators to monitor vulnerabilities in their VPN infrastructure.

"Over the last 5-10 years, network owners, companies, and agencies had made a lot of progress in hardening network security, and then when COVID hit, we all essentially left that environment and moved to a telework environment that in some cases existed before but was used one-off, not at the scale, scope and constancy it's used now,” the official said.

The advisory is the Agency's new attempt to better connect with federal and private sector stakeholders.

A previous NSA advisory released in May on an emerging weakness in Exim Mail Transfer Agent software resulted in a measurable uptick in patch rates for the bug. It contributed to useful follow-up analysis of Russian cyber capabilities by private threat intelligence firms.

Since the advent of the pandemic, VPNs have become a focal point for agencies' cybersecurity issues, with many feds using the software to log into their work systems remotely. However, such devices can also be vulnerable to attack or compromise, mainly when employees log on from unsafe home networks.

In May, the Cyber Security and Infrastructure Security Agency issued its guidance urging organizations to keep their VPNs up-to-date, introduce multi-factor authentication, improve log reviews, identify threats, respond to incidents and recoveries, and prepare their employees for a surge in phishing attacks. The Government Accountability Office is also reviewing how federal agencies have adopted telework technology, with officials suggesting that VPN security would be one of their main concerns.

The need for safe connections is even greater for organizations such as the NSA that manage classified information daily. The Organization has "certainly seeing both criminals and nation-states targeting that telework infrastructure" since the start of the pandemic. Still, it can be difficult to quantify whether and how much this crime has escalated across various threat categories.

Another program called Commercial Solutions for Classified Systems configures commercially available software to enable workers to perform classified work remotely on their laptops and phones up to Secret Stage. The software predates the virus and has usually been used for "late-night calls" relating to sensitive information. Still, in the past few months, the NSA and the Defense Information Systems Agency have sought to scale up to thousands of employees and computers around the Department of Defense components.

Like other organizations, sending their workers home during the crisis has also taught the NSA leadership that many of its employees can do their jobs remotely without compromising productivity or security. The Department has undertaken various telework use cases led by the Cyber Security Directorate, and experience has opened the eyes to the advantages of providing more flexibility to workers outside the pandemic.

"I think all of us have learned…that when missions can be done remotely, [even unclassified], you can achieve a better work-life balance for our folks," the official said.

47 comments

  1. slonned
  2. slonned
  3. slonned
  4. slonned
  5. slonned
  6. Williamsmesk

    free dating sites
    [url="http://onlinedatinglook.com/?"]free chatting for marriage [/url]

  7. KevinLig

    gay dating in jellico tn
    old jewish gay men dating
    [url="http://gaychatgay.com?"]gay dating memes[/url]

  8. KevinLig

    male escort dating gay service
    uk gay dating sites
    [url="http://gaydatingzz.com?"]gay older men dating sites[/url]

  9. KevinLig

    gay+horse+dating
    gay daddies dating
    [url="http://freegaychatnew.com?"]gay dating for twinks[/url]

  10. Cialis

    Adefovir

  11. Oscineded

    http://buysildenshop.com/ - cheap female viagra

  12. Maroweawl
  13. Stromectol

    Amoxicillin And Bruising

  14. traitly
  15. poidayrap
  16. Viagra

    Amoxicillin Uses Sinus Infection

  17. sefeanaps
  18. itewhex

    https://buypropeciaon.com/ - propecia vs generic

  19. PatrickSix

    gay dating site free usa
    gay dating success stories
    [url="http://gaychatgay.com?"]gay older dating[/url]

  20. Viagra

    Keflex And Virus

  21. Propecia

    Viagra Come Usarlo

  22. Cialis

    Cialis Mode D'Emploi

  23. Maroweawl
  24. sefeanaps
  25. Oscineded
  26. Stromectol

    Water Pill Online Purchase

  27. poidayrap
  28. Henrybrura

    philippines gay dating site
    gay dating site site
    [url="http://gay-singles-dating.com?"]gay dating india[/url]

  29. Titismles
  30. NoffAnend
  31. Propecia

    Herbal Viagra Tablets

  32. buy cialis cheap

    Diazide

  33. NoffAnend

    http://buytadalafshop.com/ - canadian pharmacy cialis

  34. Henrybrura

    gay dating site guide
    buzzfeed lesbian gay dating
    [url="http://gay-singles-dating.com/?"]growlr gay dating site[/url]

  35. FrauffLup
  36. suepext
  37. priligy for sale

    Viagra Per Gli Anziani

  38. twilsOm
  39. icolladia
  40. Axiotolal

    http://buyzithromaxinf.com/ - buy z pack online

  41. lasix common side effects

    Vente De Viagra Pas Cher En Caen

  42. Plaquenil

    Cialis Prix Libre

  43. Baimame
  44. Zithromax

    Costos De Kamagra

  45. Baimame

    https://buypriligyhop.com/ - buy priligy in uae

  46. FrauffLup
  47. CoahPhoda

Comment

Your email address will not be disclosed. The required fields are marked with*.

Related recommendation

No related articles!

微信扫一扫,分享到朋友圈

NSA to Release Advisory on VPN Security Amid Telework Boom