Login to your account

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *
Captcha *
Reload Captcha

To VPN or not to VPN for business users

Written by  May 20, 2020

It’s a question many organisations are asking as they work to provide secure and reliable remote access at scale.

Technologies that enable employees to work from home have been around for decades. Many companies had been using them to enable a small portion of their employees to work remote on occasion. But in response to the Covid-19 pandemic, most have been forced to shift the majority of their employees to working from home.

Many thought it would be a temporary situation.  But the fact is, remote work will likely be the new normal, even after employees can safely return to their offices.

This shift gives businesses an opportunity to redefine themselves and enable flexible models that provide a superior employee experience that improves engagement and productivity, without compromising security or performance. But it has also opened a whole new set of security concerns that must be addressed, including an expanded attack surface and an increase in global phishing and denial-of-service attacks, hacking attempts and data theft. Now more than ever, zero trust is critical. And to ensure it will require a new approach to remote app and data access.

A new approach

When remote work moved from something a few people did to a mandate for nearly all employees, companies around the world scrambled to scale up their resources and enable it. Many responded tactically and reached for Virtual Private Network (VPN) technologies, as they have long been the traditional way to access corporate applications and data outside corporate locations. But a VPN approach is not a panacea for widespread remote work in the short or long term. Here’s why:

A risky proposition

s anyone in the IT security space knows, the larger the attack surface, the higher the risk of compromise. And with more workers accessing corporate systems and data from home – in many cases on unsecured personal devices - the surface has never been greater. Nor have the security concerns associated with VPNs, including:

  • Wide access: A VPN tunnel into a data centre enables a remote user access to the entire corporate network, even though an end-user may only require access to small subset of applications based on their role and job function. Opening up access to the entire corporate network not only increases the threat surface, but also significantly increases the probability of an attack.
  • One-time checks: A traditional VPN only checks for user-authentication at the time of login. A hacker with stolen credentials could access all the network and apps. There is no further check or monitoring in place to ensure a user is the same person they claim to be throughout the session.
  • Lack of context: VPN solutions don’t account for change in context such as user or device to define and enforce contextual policies. If a device is jailbroken or stolen and gets into wrong hands, all bets are off.
  • Endpoint Protection: If endpoint protection software isn’t installed and kept updated on devices and they become infected, they can contaminate company networks and data and potentially result in theft and corruption.
  • Clipboard and Peripheral Blocking: If clipboard and peripheral blocking aren’t enforced, users can easily copy and paste data into the local device when a VPN tunnel is established.
  • Traffic Back-Hauling: For applications accessed via the web or as SaaS, having an appliance for VPN at the data centre means backhauling all end-user traffic to a data centre, which can negatively impact performance and the end-user experience. In fact, a recent survey of more than 2,000 US employees who work from home found that VPN-based remote work approaches resulted in “slow performance” and “lack of access to all the apps needed to get work done.”

Scaling up

VPN may work for a small subset of users. But there are challenges in scaling it to accommodate larger groups. There’s a high interdependency on performance when multiple users are connected simultaneously to the same network equipment (it results in bandwidth and resource contention of the hardware delivering remote access, all the way to the infrastructure hosting the company resources). If five per cent of users download large files over the VPN tunnel, they will have a negative impact on the other 95 per cent of users.

Managing complexity

In addition, a traditional VPN solution is not only complex to set up, but time consuming to administer and manage. Adding licenses and scaling up a VPN Concentrator can be quickly and easily done. But there are significant costs associated with enabling VPN broadly, considering the layers of solutions (MDM, Endpoint Protection, HDD encryption, network resizing, and more) required to ensure sure security isn’t compromised when it’s rolled out.


Starting and Running a Business All-in-One For Dummies


An alternative approach

So what’s an IT administrator to do? Consider digital workspace solutions. With digital workspace solutions, you can provide users with access to all of the apps and information they need to do their jobs, including enterprise web-apps, SaaS, and virtual and mobile apps, anywhere, anytime on any device and:

  • So what’s an IT administrator to do? Consider digital workspace solutions. With digital workspace solutions, you can provide users with access to all of the apps and information they need to do their jobs, including enterprise web-apps, SaaS, and virtual and mobile apps, anywhere, anytime on any device and:
  • Provide access that isn’t just network-based, but governed through contextual information that is end-user and device-based
  • Continuously monitor end-user activities and assess user behaviour and patterns, in addition to performing authentication checks

And when used alongside application delivery control tools, you can deliver a more reliable experience than you can using VPN as such tools:

  • Use significantly less bandwidth
  • Auto-adjust to changes in network conditions
  • Provide continuous feedback to the end user when network conditions deteriorate
  • Report to IT on client network conditions that have an impact on performance so they can take action

Companies that embrace digital workspace solutions to fuel remote work can overcome the security and reliability issues inherent in VPN and deliver a high-performance experience that keeps employees engaged and productive, while gaining new levels of agility that accommodate their business today and position them to thrive in the future.

For more business news, help and advice try https://smallmediumbusiness.co.uk.


Peter Flynn

Creator and director of IT Security Centre UK.

I have worked in the IT industry for many years and developed my IT security skills in particular. As this area has always been of interest to me and is more important now than ever.

Contributors

We would like to invite IT Security Professionals from the UK to join our other contributors in providing high quality articles for our website.

To enhance IT Security Centres credentials and to offer an opportunity for other IT Professionals and IT Companies to share their work, information and ideas.

We are always happy to hear from other IT Security Professionals and look forward to your incite. please contact us for more information.

Popular News

Jun 13, 2020 IT Security News

Microsoft announces major issue in Windows 10 June 2020 updates

On 9th June, 2020, Microsoft released cumulative updates for supported versions of Windows 10 including version 2004, ve...

Jun 12, 2020 Cyber Security

NHS email service fooled users in phishing attack

NHS Digital is contacting users of its NHSmail email system after a small number of mailboxes were compromised in a gene...

Jun 09, 2020 Cyber Threats

Common types of cyber-attacks and how to avoid them

With cyber-attacks on the rise, businesses are constantly worried about losing vital data and the threat is very real. ...

Jun 12, 2020 IT Security News

100,000 cheap wireless cameras sold in the UK are vulnerable to hacking

Consumer advocacy organisation Which? has issued a warning over the security of wireless camera brands made by China-bas...

Jul 23, 2020 Cyber Security

Many cyber attacks on UK sports industry says report

At large percentage of sporting institutions, organisations and teams in the UK have suffered a security incident in the...

Jun 09, 2020 IT Security News

Self-employed targeted by hackers with HMRC SMS phishing scam

Cyber criminals have launched a new phishing scam designed to steal personal and financial details of millions of self-e...

Jun 25, 2020 IT Security News

NCSC catch a million phish

The National Cyber Security Centre has received the millionth submission to its Suspicious Email Reporting Service. ...

Jun 08, 2020 Cyber Security

Ransomware attack compensation: What the UK public think

UK consumers believes businesses should stand their ground having suffered a ransomware attack and refuse to negotiate w...

Jun 11, 2020 IT Security News

UK government still can’t decide how NHS contact tracing app should work

A new report today says that the UK government still hasn’t decided exactly how its NHS contact tracing app should wor...

Jun 10, 2020 IT Security News

Is your boss spying on you whilst you are homeworking?

The recent worldwide move to working from home has caused concern amongst employers.

Jun 27, 2020 IT Security News

Apple devices to get encrypted DNS

Apple this year will boldly go where its peers have gone before by implementing support for encrypted DNS in iOS and mac...

Jun 16, 2020 Internet of Things

Ripple20 Bug Exposes Millions of IoT Devices

Exactly how many of the devices that include Ripple20 bugs are directly hackable via the internet remains far from clear...

Jun 12, 2020 Cyber Security

Cybersecurity in the shortsighted gig economy

The ‘gig’ economy encompasses the increasing economic trend for professionals to take on a series of temporary work ...

Jun 08, 2020 Data Security

IBM data encryption is progressing

IBM is making a move forward with its homomorphic encryption (FHE) solution, providing encryption for in-use and shared ...

Jun 11, 2020 Cyber Security

UK government to fund nine cyber security projects

The government is to invest £10m through March 2024 from various sources to fund nine academic cyber security projects ...

Jun 12, 2020 IT Security News

Good reasons to use a proxy server

A proxy server – is a computer on the internet which acts as a middle-man between your computer and the website or ser...

Advertisement
Symantec Home 120x60

Advertisement