Are VPNs still the best solution for security?

Cybersecurity professionals depend on VPNs to safe distant endpoints with a corporation’s dwelling community. One professional suggests there’s a higher, less complicated and safer method to perform the identical factor.

Secure VPN Connection. Virtual Private Network or Internet Security Concept.

Picture: Getty Pictures/iStockphoto

It is virtually previous information to say that COVID modified all the pieces, and distant workforces are right here to remain. As to what’s altering, organizations are reevaluating their investments and modifying work environments in order that they’ve as small an assault floor as potential. This implies the usage of legacy, on-premise options and the VPN infrastructure that’s required for them to function are not viable. 

Automox’s 2021 State of IT Operations survey suggests one cause for the shortage of viability is the elevated issue in managing endpoints as extra workers work remotely (80% of the survey contributors). “That comes as no shock with the bulk nonetheless utilizing a mixture of legacy IT instruments that not meet the wants of right this moment’s dynamic and altering environments,” defined Jay Prassl, founder and CEO of Automox, throughout an e-mail interview. “As well as, cybersecurity professionals have been unprepared for the sudden shift to distant work which induced a cybersecurity nightmare.” 

“It’s important that corporations take a proactive stance to safety and implement a long-term distant safety technique,” continued Prassl. “The favored narrative that company VPNs are trusted and safe could not be farther from the reality – distributed endpoints are among the best targets for attackers, and gaining entry to an organization community is as simple as an worker committing an unintended error.”

SEE: IT expense reimbursement coverage (TechRepublic Premium)

To again his declare, Prassl cites Verizon’s 2021 Information Breach Investigations Report, which mentions that 85% of cyberattacks final 12 months concerned human interplay. Including extra affirmation, one of many standards for being included within the Gartner Magic Quadrant for Unified Endpoint Administration requires options to work impartial of VPNs. Prassl added, “This can be a sturdy sign the trade is transferring away from instruments like VPNs, in favor of simpler processes.”

What’s going to substitute VPNs? 

Subsequent, Prassl provided the next examples of present cybersecurity challenges and how you can rectify them.

First instance: A totally distant startup employs on-site servers. The enterprise is profitable, and the variety of servers rapidly will increase from a dozen servers to multiple hundred. The group buys extra space and hires extra folks to handle new servers. It is a unending and costly spiral. 

As a substitute, organizations might undertake cloud or cloud-native options, which offer the next advantages:

  • Higher scalability, real-time visibility, and management over distributed IT environments.
  • Much less work required to deploy, handle, and preserve the group’s infrastructure. 
  • Cheaper to scale as a enterprise grows, particularly in the event that they want to develop into absolutely distant. 

Second instance: Sometimes the standard IT-management technique requires one in every of two issues: On-site direct connectivity or VPN connectivity. Nonetheless, in a distributed-workforce setting, not all workers might hook up with the VPN day-after-day, which means the IT group can have unmanaged company endpoints for a while earlier than they verify in once more to obtain updates.

Organizations might implement instruments comparable to cloud-based patch administration, Cellular System Administration (MDM), Endpoint Detection and Response (EDR), antivirus software program, endpoint encryption, and safe e-mail gateways, which provide the next advantages:

  • Simplifying deployment of cloud-based options to a distant workforce utilizing light-weight brokers.
  • Bettering visibility and management, permitting IT groups to handle the units remotely.

Third instance: Suppose a CEO’s laptop computer is hacked. Cybercriminals might have full entry to the corporate’s delicate information for a protracted time period with out being detected. 

Organizations might make use of a zero-trust structure as the inspiration of the group’s cybersecurity platform, which supplies the next advantages: 

  • Limits the potential injury and penalties of invasive cyber assaults, advanced phishing scams, and embarrassing information breaches.
  • Reduces consumer permissions and entry to information in order that not even CEOs may have entry to all the group’s information, solely the information they want.  
  • Implements community segmentation and displays community exercise, as a way to defend delicate information and reply to breaches rapidly. 

VPNs could be tough for customers in addition to IT and cybersecurity departments. Lots of people would doubtless be keen to maneuver to a platform that may be simpler to make use of and implement, in addition to being safer.

Additionally see

Recent Articles


Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Stay on op - Ge the daily news in your inbox