Is the VPN really dead?

June 1, 2020

By: Mark Chisholm | June 1, 2020

TL;DR Yes, and no.

If you read the headlines from many technology media and security professionals, you’d be forgiven for believing that the Virtual Private Network (VPN) is dead. The reality – particularly as many of us continue to work remotely – is quite different.

Dating back more than 20 years to the first Point-to-Point Tunneling Protocol (PPTP) specifications, the legacy VPNs of that era were designed at a time when most people accessed corporate data from the office, with far fewer remote workers and an almost non-existent cloud-based SaaS infrastructure.

Fast forward to 2020 and we have a very mobile, very remote workforce with vastly different remote access needs. Add to that the emergence of zero trust technologies and it’s easy to assume that the VPN has outlived its usefulness. The truth, however, is that the VPN is very much alive: use of VPNs has exploded in 2020, and the VPN will continue to play a critical role in the security landscape for many years to come.

The Problem with VPNs

If VPNs are still relevant today, why have so many people been ringing their death knell prematurely? The argument goes that VPNs aren’t capable of protecting the attack surface of today’s networks. They are good at providing secure access to corporate data and applications when a network has a well-defined perimeter, but this kind of environment is less common, due to the popularity of cloud computing, software as a service (SaaS) and the current growth of remote work.

The traditional VPN relies on a set of credentials that allow authenticated users to access corporate data and applications from any location. That’s great in theory, but in practice if an attacker manages to get those credentials, they have almost unfettered (and often unnoticed) access to any corporate resources. The VPN model also falls flat when it comes to insider threats. According to the most recent Verizon Data Breach Investigations Report, more than 30 percent of data breaches are the result of employees, acting maliciously or accidentally. And consider this: 80 percent of data breaches can be attributed to compromised, weak or reused passwords.

Legacy vs. Modern

Legacy VPNs also aren’t context aware. To highlight this, if the credentials of an Atlanta-based employee (who normally doesn’t travel) are suddenly being used to log into the corporate network at 1:30 a.m. Eastern Time, from Turkey, then this should naturally raise a red flag. Unfortunately, traditional VPNs can’t do this.

Also worth mentioning, traditional VPNs are costly, often requiring dedicated hardware that is time-consuming to deploy and not scalable when needs spike. As many newly-remote workers have recently discovered, old-school VPNs can negatively impact network performance by forcing all data down the ‘tunnel,’ even when that data (such as many SaaS apps) can safely be sent directly to the Internet. Simply put, being either ‘on’ or ‘off’ doesn’t cut it.

One important thing worth pointing out is that not all VPNs are created equal. There is a new breed of highly scalable and context-aware VPNs that are designed specifically for a mobile workforce. These VPNs can complement or even incorporate elements of a zero-trust architecture, which in the VPN space is also often referred to as a “Software-Defined Perimeter” (SDP).

Context aware

The zero-trust model allows users and their devices to access services and data only if they can meet certain criteria. These take into account many factors, including the individual’s role and level of ‘clearance,’ the ID of the device, the type of application or data they’re attempting to access, the user’s location, time of day, the type of network (public Wi-Fi, cellular, etc.), and more. The key takeaway is that the threshold for accepting a user’s request can be managed to an extremely granular level, even if they’ve already provided valid username and password credentials.

Here’s an example. A properly authenticated member of the sales team would be granted access to Salesforce during normal business hours using a corporate-owned device in the city where they live. This wouldn’t be suspicious. But a person from engineering trying to access Salesforce in the middle of the night, perhaps from a different country, would certainly raise a red flag. Unlike traditional VPNs alone, the SDP solution recognizes legitimate users and can turn on a VPN tunnel on the fly.
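The decision logic described above can be sketched in a few lines. This is an added example, not NetMotion code: the policy tables, device IDs, user names, business-hours window and the rule that two stacked anomalies mean a denial are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import time

# Constructed policy data; all names and thresholds are assumptions.
APP_ROLES = {"salesforce": {"sales"}}
DEVICE_OWNER = {"LT-0042": "alice", "LT-0077": "bob"}
HOME_COUNTRY = {"alice": "US", "bob": "US"}
BUSINESS_HOURS = (time(8, 0), time(18, 0))

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    device_id: str
    app: str
    country: str      # where the request originates
    home_time: time   # clock time in the user's home time zone
    network: str      # "corporate", "cellular" or "public-wifi"

def evaluate(req):
    """Decide on a request whose username and password already checked out."""
    hard, soft = [], []
    if req.role not in APP_ROLES.get(req.app, set()):
        hard.append("role not entitled to app")
    if DEVICE_OWNER.get(req.device_id) != req.user:
        hard.append("device not registered to user")
    if req.country != HOME_COUNTRY.get(req.user):
        soft.append("unusual country")
    if not BUSINESS_HOURS[0] <= req.home_time <= BUSINESS_HOURS[1]:
        soft.append("outside business hours")
    if req.network == "public-wifi":
        soft.append("untrusted network")
    if hard or len(soft) >= 2:        # any hard failure, or stacked anomalies
        return "deny", hard + soft
    if soft:                          # one anomaly: allow, but force the tunnel
        return "allow_via_tunnel", soft
    return "allow", []

# The two requests from the example above, as constructed sample input.
sales_rep = Request("alice", "sales", "LT-0042", "salesforce", "US", time(10, 30), "corporate")
engineer = Request("bob", "engineering", "LT-0077", "salesforce", "TR", time(1, 30), "cellular")

if __name__ == "__main__":
    for r in (sales_rep, engineer):
        print(r.user, *evaluate(r))
```

Returning the reasons alongside the decision gives the access log a record of which signal tripped, which is what makes an otherwise valid login from an unexpected country at 1:30 a.m. visible to a reviewer.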

VPNs will be around for years to come

This zero-trust framework is still a relatively new concept, governing the ways that security and access should work. Products based on SDP or Zero Trust Network Access (ZTNA) are still in their infancy, but they are starting to appear on the market. Like any new technology, it can be expensive and difficult to implement. In its 2019 Hype Cycle, Gartner put SDP/ZTNA just over the initial hype peak, meaning that it’s still up to five years away from providing real business value for early adopters. 

Contrast that with VPN technology, which is extremely mature and used by a majority of enterprises. Analyst firm Research and Markets estimates that VPNs will continue to see a CAGR of 15 percent until 2024. It’s also worth noting that companies wanting to move to a zero-trust framework will probably require several years of planning and evaluation, and possibly even longer for large, well-entrenched organizations that tend to be more cautious.

Is the VPN dead?

In summary, VPNs aren’t dead, but they are evolving. Traditional VPN solutions are likely to be phased out in favor of more flexible, scalable solutions. It will take many years for mature SDP products to replace them, and for large enterprises to fully embrace them. Users in the future will have the best of both worlds: protection on any device and any network, with an on-demand VPN connection that can be deployed back to the enterprise whenever it’s needed. The future looks bright for VPNs for many years to come.

About Mark Chisholm

In his role at NetMotion, Mark has the privilege of creating long-form and short-form content highlighting the amazing (and often invisible) ways that the company empowers a growing mobile workforce. His job is made incredibly easy by the fact that NetMotion “just works.” When he isn’t busy writing words, you’ll find him wrangling his two opinionated little girls or devouring news, occasionally at the same time. You can connect with him on Twitter @Mark_A_Chisholm.
