Report: VPN security issues keep IT pros up at night
More than 60% of IT professionals are concerned about inadequate VPN security, DH2i finds


Companies were already unhappy with their virtual private network (VPN) servers before the pandemic put extra pressure on them, according to a survey released today by security software company DH2i.
DH2i worked with a third-party market-research company to interview people whose companies used a VPN for network security. They spanned a range of IT job functions in companies that ranged from 500 to over 10,000 users.
The biggest concern was inadequate security, cited by 62% of respondents, the survey said. Two-thirds of the people with security concerns were worried about the security of the devices accessing the VPNs, and 59% also fretted over the privileges given to VPN users. A lack of visibility was also a concern, with 39% of people not clear on what VPN users were doing on the network.
Best VPN services 2023 Secure your Wi-Fi against hackers - VPNs & guest access Run a VPN On Any Device Does your business need its own VPN?
While security was by far the biggest complaint for customers, VPNs also caused some other headaches. Reliability for data recovery came in second, with 45% of respondents identifying it as an issue. The cost of the VPN equipment, its performance, and its manageability were all problems for users.
DH2i concluded the survey in summer 2020. Complaints about performance would likely have increased as people continued working from home, placing more stress on office VPN equipment.
Security is also likely to have become an even greater concern during the pandemic. Even before the COVID-19 outbreak, the world dealt with a bug in the Pulse Connect Secure VPN that left its servers vulnerable. Intelligence agencies warned about attacks exploiting this and other VPN flaws in October 2019.
Since the pandemic lockdowns began and people started working from home more frequently, governments have warned again about attacks on VPNs. The US Cybersecurity and Infrastructure Security Agency (CISA) warned about VPN exploits in April last year, while several VPN bugs featured on the NSA's top 25 list of flaws targeted by Chinese state-sponsored hackers.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
RELATED RESOURCE
The total economic impact of IBM identity and access management
Cost savings and business benefits enabled by IBM's professional and managed services for identity and access management
In October 2020, CISA issued an advisory warning about attackers chaining a bug in Fortinet's VPN with the Windows NetLogon flaw.
The top three use cases for VPNs in the survey were remote user access, identified by 83%, followed by site-to-site connections, which 57% of organizations were using. Cloud communications was also popular, with 48% of respondents using VPNs for communicating from their on-premises infrastructure to the cloud, or between cloud infrastructures.
DH2i is planning an updated survey to reflect changing attitudes during the pandemic.
Danny Bradbury has been a print journalist specialising in technology since 1989 and a freelance writer since 1994. He has written for national publications on both sides of the Atlantic and has won awards for his investigative cybersecurity journalism work and his arts and culture writing.
Danny writes about many different technology issues for audiences ranging from consumers through to software developers and CIOs. He also ghostwrites articles for many C-suite business executives in the technology sector and has worked as a presenter for multiple webinars and podcasts.
-
What is polymorphic malware?
Explainer Polymorphic malware constantly changes its code to avoid detection, making it a top cybersecurity threat that demands advanced, behavior-based defenses
-
Outgoing Kaseya CEO teases "this is just the beginning" for the company
Opinion We spoke to Fred Voccola who remains a key figurehead at the firm as it enters its next chapter...
-
ZTNA vs on-premises VPN
Whitepaper How ZTNA wins the network security game
-
Cisco posts bumper results amidst restructure
News The networking giant impresses analysts with solid profit and record revenue.
-
O2 trials Olympic-scale remote working
News The operator lets 3,000 of its staff work from home in preparation for the chaos the Olympics will bring.
-
Cisco announces 40GbE and 100GbE switching upgrades
News The networking giant looks to support companies in dealing with the data boom, bashing competitor Juniper along the way.
-
Cisco: WAN optimisation is just a feature
News Cisco suggests WAN optimisation will not be a market in the coming years, as it looks to build the capability into its core networking products.
-
Cisco launches turbo-powered wireless access point
News The networking giant tries to cater for the BYOD trend with its new Aironet 3600 Series AP.
-
BT, Orange and Cisco team up for telepresence sharing
News The deal will allow customers from the different service providers to contact each other via telepresence.
-
Virgin launches Big Red VPN
News The Big Red VPN offering is designed to free up IT departments' time so they can innovate.