It’s time to scrap the VPN for secure remote access
Later this year, after we’ve all been vaccinated against COVID-19, it will be relatively safe to return to the office. But many of us won’t, at least not full-time. A recent PwC US Remote Work Survey found that 55% of employees “would prefer to be remote at least three days a week once pandemic concerns recede.” I’m one of them; I do not miss the 45-minute+ drive down highways 101 or 280 to get to the office every day.
Since the pandemic began, IT and security teams have had their hands full putting the tools and technologies in place to facilitate the boundary-less organization. One of their most-relied upon tools, Virtual Private Networks (VPNs), have been critical to connecting us to the corporate resources we need to do our jobs. There were 4.1 billion Internet users in 2020, and research indicates that more than 26% of these users rely on VPN services. That’s a lot of VPN. Unfortunately, VPNs do not provide the levels of security required to protect an organization from cyberthreats.
VPNs were designed many years ago in an era when threats were essentially nonexistent, and most, if not all, users were trusted employees. They were also intended to enable a much smaller percentage of employees to work remotely. VPNs also enable network-level access, meaning more users may have access to applications and resources they aren’t supposed to. Configuring a VPN to handle the myriad of access possibilities at the network level can be tedious, time-consuming, and error-prone. And in 2020, there’s no doubt that administrators spent hundreds of hours, if not thousands, enabling remote connectivity for their workforces.
Ransomware and Phishing and Credential Theft – Oh My!
Why is it so important for us to figure out how to be more secure than what a VPN can provide? Well, many of us were using VPNs to connect to our company resources in 2020, but the incidence of ransomware, phishing, and credential theft increased like crazy; phishing email attacks related to COVID-19 increased 600% in the first quarter of 2020 alone! That wasn’t entirely the VPNs fault, but even so, their lack of security made some of these threats easier for attackers to achieve. According to research by VMWare on the impact COVID-19 has had on the attack landscape, “88% of U.S. cybersecurity professionals said that attack volumes have increased as more employees work from home.”
As 2021 goes on and we continue to work from our homes—if not all of the time, more than we ever did pre-COVID—we need to protect ourselves and our employer from cyberattacks better. We need to bring down the dramatic increase in pandemic-fueled ransomware, phishing and credential theft attacks that we saw in 2020 and try to wipe them off the cyberthreat map altogether. It is possible: by combining the remote access capabilities of the VPN with the security controls required to combat pernicious threats, we can turn those threat statistics around and start making it much harder for the “bad guys” to take advantage of our post-pandemic cyber landscape.
Remote Access + Security = Safe Work from Anywhere
Zentry Security was founded with the express goal of merging secure remote access and the security controls necessary to provide protection from cyberattacks into a single, streamlined solution. Zentry Trusted Access is ideal for small- to medium-sized enterprises (SME) that might lack the budget or sufficient staffing to ensure the security of their remote workforce. It provides a frictionless, zero trust experience for users, enabling them to access specific applications (unlike a VPN, which, by default, enables network-level access) regardless of their location using only a browser. It provides a simple, headache-free experience for IT administrators, offering smooth, secure remote access for their workforces – but without the pain associated with excessive complexity and configuration.
Thanks to VPNs, we’ve been able—for years now—to connect remotely to corporate applications and resources. Let’s up the ante in 2021 and make that secure remote access so that we can continue to reap both the personal and professional benefits of working from home.
Interested in learning more about Zentry Security? Read our blog, A New Era in Secure Remote Access, or check out the white paper “Migrating to Zero Trust Secure Access”. Or if you’re new to the world of Zero Trust, check out our piece on “How To Implement Zero Trust.”