Unless your company is based on Mars and employs only martians, your workforce undoubtedly includes remote contractors and freelancers plus all kinds of employees who sometimes work from the office and sometimes don’t. In fact, it is estimated that 70% of employees work off-site at least part of the time.
VPNs were introduced nearly 20 years ago, and are still the most widely accepted solution for enabling secure remote access, whether to on-premise enterprise resources or to applications hosted on public cloud networks. VPNs, however, were never designed to address today’s complex networks, volumes of remote users, and high-risk security scenarios. Consequently, more and more security and network administrators are realizing that VPNs simply don’t cut it anymore. Here are four reasons why.
#1- Overly Permissive Remote Access
While remote access is important and growing, it is not very secure. According to an IDC brief, more than 40% of security breaches come from authorized users like contractors, vendors and employees.
So what does this have to do with VPNs? VPNs lack security granularity and provide excessive trust. Once a remote user is authenticated by a VPN, s/he is considered “trusted” and is granted access to more of the network than is required, making network resources overly vulnerable and open to attack.
#2- Complex Onboarding and Management of Users and Resources
Managing the onboarding, offboarding, and tracking of enterprise resources and users is complex. To begin with, today’s distributed networks require that remote workers have secure remote access to dozens of different servers on cloud provider instances. This means deploying, configuring and maintaining VPNs for every instance.
While all of these functions can be covered by a VPN, managing all the use cases requires multiple VPN appliances, each with a policy to maintain and synchronize. In addition, there are network security appliances which need to consider VPN users as well. IT teams end up building dashboards to provide a coherent picture of network participants and the access and security policies that govern them.
Another management hurdle is the onboarding of new remote users. Fully onboarding a new remote contractor can take days or even weeks, slowing down a fast-moving business. IT administrators often find themselves investing precious time configuring and troubleshooting VPN clients.
#3- Poor End User Experience Impacting Productivity
Regardless of the network complexity, remote/mobile users expect and require a simple user experience with a seamless connection to applications and servers.
Consider, for example, the issue of concurrent access to multiple apps and cloud servers. It’s not uncommon for a sales person working remotely to require access to a manufacturing system in the data center, a supply chain app hosted on AWS, and a CRM system hosted on Azure. If the end user experience using a VPN is an annoying stream of connecting and disconnecting to different resources combined with a network latency, then user frustration builds up quickly and productivity suffers.
If VPN Doesn’t Cut it…What Does?
Software-defined perimeter (SDP) solutions provide a more secure and manageable alternative to legacy VPNs for remote contractor work, offering reduced risk, application-specific access, efficient management and a consistent end-user experience.
Read our white paper, Zero Trust for Contractor Remote Access.