Cybersecurity professionals trust connected VPNs to unafraid distant endpoints with an organization's location network. One adept suggests determination is simply a better, simpler and safer attack to execute the aforesaid thing.
It's astir aged quality to accidental that COVID changed everything, and distant workforces are present to stay. As to what's changing, organizations are reevaluating their investments and modifying enactment environments truthful that they person arsenic tiny an onslaught aboveground arsenic possible. This means the usage of legacy, on-premise solutions and the VPN infrastructure that is required for them to run are nary longer viable.
Automox's 2021 State of IT Operations survey suggests 1 crushed for the deficiency of viability is the accrued trouble successful managing endpoints arsenic much employees enactment remotely (80% of the survey participants). "That comes arsenic nary astonishment with the bulk inactive utilizing a premix of bequest IT tools that nary longer conscionable the needs of today's dynamic and changing environments," explained Jay Prassl, laminitis and CEO of Automox, during an email interview. "In addition, cybersecurity pros were unprepared for the abrupt displacement to distant enactment which caused a cybersecurity nightmare."
"It is captious that companies instrumentality a proactive stance to information and instrumentality a semipermanent distant information strategy," continued Prassl. "The fashionable communicative that firm VPNs are trusted and unafraid couldn't beryllium further from the information – distributed endpoints are immoderate of the easiest targets for attackers, and gaining introduction to a institution web is arsenic casual arsenic an worker committing an unintended error."
SEE: IT disbursal reimbursement policy (TechRepublic Premium)
To backmost his claim, Prassl cites Verizon's 2021 Data Breach Investigations Report, which mentions that 85% of cyberattacks past twelvemonth progressive quality interaction. Adding further affirmation, 1 of the criteria for being included successful the Gartner Magic Quadrant for Unified Endpoint Management requires solutions to enactment autarkic of VPNs. Prassl added, "This is simply a beardown awesome the manufacture is moving distant from tools similar VPNs, successful favour of much effectual processes."
What volition regenerate VPNs?
Next, Prassl offered the pursuing examples of existent cybersecurity challenges and however to rectify them.
First example: A afloat distant startup employs on-site servers. The concern is successful, and the fig of servers rapidly increases from a twelve servers to much than 1 hundred. The enactment buys much abstraction and hires much radical to negociate caller servers. It's a never-ending and costly spiral.
Instead, organizations could follow unreality oregon cloud-native solutions, which supply the pursuing benefits:
- Better scalability, real-time visibility, and power implicit distributed IT environments.
- Less enactment required to deploy, manage, and support the organization's infrastructure.
- More cost-effective to standard arsenic a concern grows, particularly if they are looking to go afloat remote.
Second example: Typically the accepted IT-management strategy requires 1 of 2 things: On-site nonstop connectivity oregon VPN connectivity. However, successful a distributed-workforce environment, not each employees whitethorn link to the VPN each day, meaning the IT squad tin person unmanaged firm endpoints for immoderate clip earlier they cheque successful again to person updates.
Organizations could instrumentality tools specified arsenic cloud-based spot management, Mobile Device Management (MDM), Endpoint Detection and Response (EDR), antivirus software, endpoint encryption, and unafraid email gateways, which connection the pursuing benefits:
- Simplifying deployment of cloud-based solutions to a distant workforce utilizing lightweight agents.
- Improving visibility and control, allowing IT teams to negociate the devices remotely.
Third example: Suppose a CEO's laptop is hacked. Cybercriminals could person afloat entree to the company's delicate information for a agelong play of clip without being detected.
Organizations could employment a zero-trust architecture arsenic the instauration of the organization's cybersecurity platform, which provides the pursuing benefits:
- Limits the imaginable harm and consequences of invasive cyber attacks, analyzable phishing scams, and embarrassing information breaches.
- Reduces idiosyncratic permissions and entree to information truthful that not adjacent CEOs volition person entree to each of the organization's data, lone the information they need.
- Implements web segmentation and monitors web activity, successful bid to support delicate information and respond to breaches quickly.
VPNs tin beryllium hard for users arsenic good arsenic IT and cybersecurity departments. A batch of radical would apt beryllium consenting to determination to a level that would beryllium easier to usage and implement, arsenic good arsenic being much secure.
Cybersecurity Insider Newsletter
Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and Thursdays
Sign up todayAlso spot
- How to go a cybersecurity pro: A cheat sheet (TechRepublic)
- Security threats connected the horizon: What IT pro's request to cognize (free PDF) (TechRepublic)
- Checklist: Securing integer information (TechRepublic Premium)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic connected Flipboard)