No, VPNs Aren’t Dead — They’re More Essential Than Ever
A few weeks ago, a particular DigitalMunition Executive Insight claimed it’s time to say good-bye to VPNs. Among other things, the writer claimed that application access was more effective, and that zero trust architecture is an essential ‘alternate model’ for access. While I agree with Mr. Sullivan that application access and zero trust architecture are important and effective, I see no evidence that they’re mutually exclusive to VPN technology. In fact, without the network security a VPN provides, they’ll be of little use. Not only is VPN technology constantly updating — it’s more essential than ever before.
As our world becomes more global and more
remote, businesses are spreading out. Whether it’s via remote employees, the
Internet of Things, or simply expanding locations, the majority of businesses
simply aren’t centralized in one location any more. For a business that wants
to grow, this is all the more relevant. That’s why a great VPN is so important;
it doesn’t just provide a ‘security border’ for whoever, it provides access to
essential data and resources on your network for the people that need them
most: your team. VPNs can connect vast networks of POS systems, IT tools,
pop-up shops, remote employees, and everything in between. With a VPN, they’ll
all have access to the specific resources they need to succeed — just as if
they were logging in to HQ. That kind of technology could never be stagnant;
it’s always developing to meet the shifting market needs.
VPNs provide a type of network security that
is deeply complex. It’s true that application security is important — but that
does not eliminate the need for network security and network access control.
It’s vital to support both network security and application security.
Application security without a private network means enterprises will be
subject to the same level of cybersecurity threat as the public internet. This
obviously isn’t tenable; but, when combined with the network security of a
powerful VPN, application security provides the in-depth protection companies
need. Zero trust does indeed provide powerful security; but you can’t truly achieve
zero trust without strong network security.
Most importantly, granular application
security — limiting specific users to those specific resources they need to do
their job — is absolutely possible with a good VPN. In fact, I’d argue it’s a
key function. Offering full access to your entire corporate network to your
entire team is a foolhardy move. Third-party contractors, for example, simply
don’t need the access that your full time employees do — and each of those
employees might need access to different resources based on their specific role
and department. Does your marketing department need access to everything that
your IT team does? Absolutely not. Limiting that access has nothing to do with
the level of trust on your team; it’s just a realistic practicality. In fact,
it protects your team just as much as it protects your data — no one wants to
be the unintentional source of a data breach because they had access to
something they didn’t need.
VPN technology is always developing — and with
more cyber threats hitting the market every day, it’s more important than ever,
especially for companies who want to securely scale. A good VPN should provide
both application security and network security; both are essential to keeping
your data safe, because both perform key security roles. A great VPN will also
provide granular controlled access for maximum security, because excessive
access, especially for remote or third-party users, is a major security risk.
But it’s a risk that’s easily mitigated with the right VPN.
VPNs aren’t dead or dying; on the contrary,
they’ve become more valuable than ever to any company that wants to scale
safely in this ever-changing cybersecurity landscape.
Francis Dinha is the CEO and co-founder of OpenVPN
Gloss