IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Report: VPN security issues keep IT pros up at night

More than 60% of IT professionals are concerned about inadequate VPN security, DH2i finds

VPN software displayed on a laptop

Companies were already unhappy with their virtual private network (VPN) servers before the pandemic put extra pressure on them, according to a survey released today by security software company DH2i.

DH2i worked with a third-party market-research company to interview people whose companies used a VPN for network security. They spanned a range of IT job functions in companies that ranged from 500 to over 10,000 users.

The biggest concern was inadequate security, cited by 62% of respondents, the survey said. Two-thirds of the people with security concerns were worried about the security of the devices accessing the VPNs, and 59% also fretted over the privileges given to VPN users. A lack of visibility was also a concern, with 39% of people not clear on what VPN users were doing on the network.

While security was by far the biggest complaint for customers, VPNs also caused some other headaches. Reliability for data recovery came in second, with 45% of respondents identifying it as an issue. The cost of the VPN equipment, its performance, and its manageability were all problems for users.

DH2i concluded the survey in summer 2020. Complaints about performance would likely have increased as people continued working from home, placing more stress on office VPN equipment.

Security is also likely to have become an even greater concern during the pandemic. Even before the COVID-19 outbreak, the world dealt with a bug in the Pulse Connect Secure VPN that left its servers vulnerable. Intelligence agencies warned about attacks exploiting this and other VPN flaws in October 2019.

Since the pandemic lockdowns began and people started working from home more frequently, governments have warned again about attacks on VPNs. The US Cybersecurity and Infrastructure Security Agency (CISA) warned about VPN exploits in April last year, while several VPN bugs featured on the NSA's top 25 list of flaws targeted by Chinese state-sponsored hackers. 

Related Resource

The total economic impact of IBM identity and access management

Cost savings and business benefits enabled by IBM's professional and managed services for identity and access management

Cost savings and business benefits enabled by IBM's professional and managed services for identity and access managementDownload now

In October 2020, CISA issued an advisory warning about attackers chaining a bug in Fortinet's VPN with the Windows NetLogon flaw.

The top three use cases for VPNs in the survey were remote user access, identified by 83%, followed by site-to-site connections, which 57% of organizations were using. Cloud communications was also popular, with 48% of respondents using VPNs for communicating from their on-premises infrastructure to the cloud, or between cloud infrastructures.

DH2i is planning an updated survey to reflect changing attitudes during the pandemic.

Featured Resources

The Total Economic Impact™ Of Turbonomic Application Resource Management for IBM Cloud® Paks

Business benefits and cost savings enabled by IBM Turbonomic Application Resource Management

Free Download

The Total Economic Impact™ of IBM Watson Assistant

Cost savings and business benefits enabled by Watson Assistant

Free Download

The field guide to application modernisation

Moving forward with your enterprise application portfolio

Free Download

AI for customer service

Discover the industry-leading AI platform that customers and employees want to use

Free Download

Recommended

Cyber resiliency and end-user performance
Whitepaper

Cyber resiliency and end-user performance

17 Aug 2022
Can't choose between public and private cloud? You don't have to with IaaS
Whitepaper

Can't choose between public and private cloud? You don't have to with IaaS

12 Aug 2022
What is subnetting?
Network & Internet

What is subnetting?

28 Jul 2022
Server virtualisation: What is it and what are the benefits?
virtualisation

Server virtualisation: What is it and what are the benefits?

25 Jul 2022

Most Popular

UK water supplier confirms hack by Cl0p ransomware gang
ransomware

UK water supplier confirms hack by Cl0p ransomware gang

16 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022