Why is the VPN becoming extinct in companies?
December 11, 2019
by
Kleber Leal by Zamak Portal
The venerable VPN, which has provided remote workers with a secure means to the corporate network for decades, is becoming extinct. This shift is happening as companies migrate to a more agile and granular security framework called Zero Trust, which is better suited to today's digital business world.
VPNs are part of a security strategy based on the notion of network perimeter: trusted employees are inside and untrusted employees are outside. But this model no longer works in a modern business environment, where employees access the network from various locations and where corporate assets are no longer behind the walls of a data center, but in multi-cloud environments.
Gartner predicts that by 2023, 60% of companies will eliminate most of their VPNs in favor of Zero Trust network access, which can take the form of a gateway or broker that authenticates the device and the user.
There are a variety of flaws associated with the perimeter security approach. It does not address insider attacks, and it does not do a good job accounting for contractors, third parties, and supply chain partners. If an attacker steals someone's VPN credentials, they can access the network and move freely.
At an even more fundamental level, today, anyone observing corporate security understands that what we are doing is no longer working.
Kleber Leal by Zamak Portal
December 11, 2019