Why VPN isn't needed anymore in Enterprise security

Why VPNs aren’t needed anymore

124 Flares 124 Flares ×
The development of Virtual Private Networks (VPNs) was made necessary due to the exponential growth experienced by companies in the time we first saw tunneling protocols emerge. Current iterations of the technology enable organizations to coordinate resources and communications unlike any other internet-based system. By offering an extension to typically in-house networks, businesses were able to expand their private network to multiple geographic locations. Despite once offering the epitome of network security and accessibility, the use of client-based technologies has lost support over the last five years as seamless, browser based access points have taken prominence.
A need for encrypted, efficient data transfers will be present for as long as business may be conducted at the global level. In order for business at large to adopt a new standard we must consider the reasons for why companies have opted to use VPNs. Utilizing various transport layer securities offers protection from sender to receiver as the experience of intra-office accessibility is mirrored to access points connected around the globe.

Where VPN fails

A private network accessible anywhere around the globe sounds optimal before considering that unwanted access may be achieved in just as many points. Authorization of user credentials is a requirement, with the loss of user credentials an organization resulting in unlimited exposure to risk. While no system may be considered perfectly safe, the authorization of user access occurs at the individual level: being the portal. While portal access structures the user interface and experience, the work of updating these portals at the department level can be a daunting task as recognized by nearly anyone with systems experience dating back to the 1990’s. While we now find applications to avoid most of the hassle, whether it be through automated system flushes or other means, this inconvenience comes at the increasing cost of too many exploits. These exploits include split tunneling, keystroke loggers and hardware lag. Split tunneling occurs when the remote (end) user attempts to handle both private and public (shared; common) network traffic at the same time. As access is gained to the shared network which allows for attackers to access the private system. Though host-based firewalls and protections are a good measure against this sort of attack, the only method to avoid them altogether is to restrict users from managing both types of networks, which can severely impact the use of the machine.

Substitutions, of Sorts

We have recognized that VPNs may not be the way of the future, but what will businesses use to coordinate resources? The answer may be the technology we are adopting today: the cloud. While no system could replace the VPN for its full-fledged functionality, would it surprise you to learn that most resources could be offered with a greater level of security while reducing exposure to attacks and physical threats? Through the use of cloud computing technologies and Privilege Account Management (PAM), IT infrastructures may be made as accessible if not more so with the use of the cloud. The most obvious of benefits we see from initiating a cloud changeover is the interoperability of its components to web browser and software based applications. Utilizing a web browser based system, companies have been able to offer a similar experience while lowering system vulnerabilities due to internal attacks.

Now, more on PAM and how it could change the way we consider global network structure. The convenience offered by cloud-based, privilege and authorization centric systems includes a lower cost of implementation and administration. Primary security considerations in these systems are with relation to the end user system and sessions. Cloud based systems offer the ability to operate regular vulnerability scans with the ability to quickly. Increased reliability translates to greater uptime, and resourcefulness of the program to its enterprise. Auditing session data on a regular basis allows admins to ensure usage is occurring at the point of process, and is used as intended. This offers oversight to vulnerabilities as well as system usage, which is an added benefit given the speed offered by these systems.

Application and Use of Substitutions

In practice we find the PAM based systems to offer superior experience to both administrators and end users. Like the transition from conventional program integrations to SaaS providers, we may witness a transition from VPN systems to their cloud based equivalent. While mass transition has yet to occur, we can dissect the leading markets to reveal a few instances in which this transition has been successful. A company like Nucor, the largest steel producer in the United States, would see a benefit from transferring to a cloud based system as their need for a reliable and cost-efficient system outweighs their need for flexibility in systems design. 99.99% uptime for any system yields positive reception yet the availability of those systems should not come at the cost of uptime, which can be the case with VPNs. At the enterprise level we see that VPNs fail to help enterprise security as the substitutes of PAM offer a greater value to business.

The best perspective to view the use of substitutions is that of the non-technical industries seeking to reduce IT costs. Large companies like Starbucks, Costco, AmerisourceBergen and Cargill all share an interest in reducing costs and are able to face certain limitations of Cloud based systems, namely anonymity. Companies seeking to reduce overall IT costs, that look towards moving their resources from an in-house setting and are able to acquiesce minimal variances in performance should consider investigating PAM based systems. Although many differences exist, the benefits presented are worth considering even for the most resourceful of companies

The Pursuit for Enterprise Security

The goal of an organization’s remote network is to offer unlimited extensions of accessibility and to fit into its information systems architecture. Properly aligning these systems while satisfying C-Suite demands for performance often results in a suboptimal finished product. Although certain aspects of a security framework lend themselves to interoperability issues, the obvious savings realized through the utilization of PAM may alter the way we think about systems. If enterprises can accept a change in their expectation for privacy and anonymity, they will experience a great amount of improvement in their business capabilities as a whole.

Share this post

124 Flares Twitter 0 Facebook 0 Google+ 0 Reddit 0 LinkedIn 0 Buffer 124 124 Flares ×