The Internal Revenue Service recommends the use of a virtual private network (VPN) to protect against cyber intruders when working remotely.
A VPN provides an encrypted, secure pathway for transmitting data between a remote user and the company through the Internet. Failing to transmit information through a VPN connection gives cybercriminals a better chance of intercepting information. The government also suggests taking the following steps with respect to remote working and VPN connections:
- Update VPNs and network infrastructure devices with the latest software patches and security configurations.
- Inform employees about an expected increase in phishing attempts.
- Have IT personnel up to date on log review, attack detection, and incident response and recovery.
- Implement multi-factor authentication or strong passwords on VPN connections
- Ensure VPN limitations are tested to prepare for mass usage and, if needed, implement modifications—such as rate limiting—to prioritize users that will require higher bandwidths.