Regardless of what you call it, the VPN concept remains crux in your defensive blueprint for secure Internet access.
The virtual private network (VPN), which must have more lives than a cat, has reportedly died again, and according to some industry prognosticators and influencers, VPN is now a bad word. It’s a term to be avoided by unblinking believers of the marketing-driven sleight-of-digit and word-wizardry mesmerism claiming the VPN is no longer an important concept for security. Don’t say VPN, they tell you. Be cool and use alternatives such as software-defined perimeter and secure Internet access instead.
Okay, I’ll try to remember that, I tell myself.
Then I see the new Spider-Man movie, “Spider-Man: Far From Home,” and the VPN term comes up in dialogue between the two main characters. Mary Jane advises Peter Parker (aka Spider-Man) to download a VPN on his phone so he can’t be digitally spied on. So, the hottest new movies are treating VPNs as still relevant, and even Spider-Man is consuming a cool VPN app that he can use to protect himself when ‘far from home.’
VPN. There, I said it. It’s just a word, right? A word we should be able to continue to use to describe a discipline and extended-zone principle that means more than Vendor A and B’s product marketing du jour. From a sound security standpoint, VPN is not just some product you have to buy and manage. It is still an important scheme in your WAN without boundaries defensive strategy.
The technical definition of VPN is a secure, often encrypted connection between trusted device and private network or server. With the network expanding and your mobile employees going wider into unsafe waters, do you want to stop focusing strategically on virtual private networks? All a VPN is an extended zone of protection. You can’t just magically wave a wand and say you’re protected without extending network security policy out to endpoint devices.
Industry projections support the VPN’s immediate survival, dispelling some of this zeitgeist semantical doomsday talk which can be misleading from an overall security perspective. As organizations expand their networks, or outsource some or all of their IP backbone, applications or services in the cloud, the VPN doesn’t disappear; it just gets more virtual like the cloud itself.
The cloud VPN market is estimated to grow at a CAGR of over 21% by 2024, led by increasing shift toward virtual applications and the surge in demand for cloud services, according to Global Market Insights. Another report from Market Research Future puts the VPN market CAGR at 18% through the end of 2022.
So what is all this hog-splash about VPN being a dirty word, a nonexistent thing, a strategy component that some vendors would have you strike from your lexicon, something to be hidden from your transformative security strategy?
Authentication: A Pain in the Protective VPN Ring
Maybe this sustained campaign to bury the VPN – or call it something else – is because the VPN carries associations in which remote user traffic is backhauled to data centers hundreds of miles away, resulting in latency and the use of expensive private lines.
Maybe it’s because traditional VPNs often hassle end-users for constant sign-ins and additional passwords, and users don’t bother using the VPN when they work on company devices, leaving the organization exposed. Although organizations strongly encourage employees to use the VPN when remote or using public networks, the majority of the time employees don’t bother. Requiring additional authentication by end-users can mean more pain, and this has emboldened some vendors to get into semantics hype, or maybe they’re attempting to skirt privacy issues. There’s no more VPN, but you’re safe, they say. Voila. Never mind the man behind the curtain.
What product marketers are actually getting at is they are replacing the traditional prompt-based authentication and authorization with less-jarring solutions under the veil of buzzwords like software-defined networking and software-defined perimeters (SDPs). We’re doing SDN and SDP, too, but for those looking to protect all traffic from the IP layer (Layer 3) and up, VPN is still a requirement.
Engaged employees want access to data and tools that empower them to get the information they need, without being pulled aside for additional verification.
Whether it’s a VPN that is always on, or the same principle through SDP, when your employees use the Internet, protection should follow them wherever they go.
Virtual private network (VPN) is a concept, a best practice, not a now-obsolete product term as some would play you a fool for in telling you to strike from your vocabulary. Virtual private networks still provide us with structure, an easy-to-grasp overall term meaning extended private network security and protection across a constantly flexing network perimeter.
Our world feels less physical… Even venerable virtual private networks are getting more virtual, more seamless and less overtly intrusive for end users. VPNs help to defend us, and in instances where they require interaction with us for additional verification, we tolerate the balance between our productivity, privacy, and enterprise security.
Always-On Internet Protection
Always-on secure Internet access can be achieved through virtual private networks: VPNs that have harnessed the cloud and evolved to eliminate needless password authentication. When it comes to remote workers or devices trying to connect to enterprise jewels or taking unusual actions on the computer network, extra security and verification beyond software-defined device recognition is still warranted. Neither highly automated SDP nor SD-WAN is a security solution in itself, and you want to ensure the person on the client device side is who he or she claims.
OPAQ offers industry-leading Palo Alto Networks endpoint security-as-a-service from the cloud. This OPAQ endpoint security strategy leverages layered security including antivirus, advanced malware protection, and website and URL exclusion lists, as well as software-defined network segmentation, to keep perimeter breaches from going viral and compromising the core network and enterprise data.
VPN is still a valuable discipline in the digital and social networking growth of organizations. Just because your employees may not sign in to use your VPN, you don’t have to throw the baby out with the bathwater. You still want to provide extended-zone protective coverage (similar to an always-on VPN), software-defined network segmentation, and other advanced protections, so your roaming or remote end-users enjoy always-on secure Internet access while vastly reducing the risk of untrusted connections penetrating your precious enterprise data.
Find out more.
Read the Securing Remote Workers report.