• Skip to primary navigation
  • Skip to content

NetMotion Software

  • SOLUTIONS
    • Zero trust access
    • Experience monitoring
    • Enterprise VPN
    • SASE
  • PLATFORM
    • NetMotion cloud
    • How it works
    • Devices & deployment
    • Analytics & visibility
    • Policy controls
  • COMPANY
    • About
    • Customers
    • Careers
    • News
    • Management
    • Contact
  • SECTORS
    • Legal
    • Finance
    • Public safety
    • Healthcare
    • Transport
    • Utilities
  • PARTNERS
    • Alliances
    • Resellers
    • Network operators
  • INSIGHTS
    • Blog
    • Reports
    • Analysts
    • Case studies
    • Webinars
    • Videos
  • DEMO
  • SUPPORT
  • EN

Mobility Security

Security benefits of a zero trust solution (and why security leaders want one)

August 13, 2020

By: Mark Chisholm | August 13, 2020

A recently published report by NetMotion revealed a startling fact. Asked whether the remote workforce is as safe as similar employees working in an office environment, the response from a host of security and IT leaders was an emphatic ‘no.’ A full 97% of these experts answered that remote workers are exposed to at least some added risk, with roughly 47% believing stating that the risk was either high or extremely high.

With many organizations projected to continue this work-from-home policy for at least the near future, it seems increasingly unlikely that employees will return to the office en masse any time soon. Barring any sudden miracles, the job of providing employees with an easy-to-deploy, reliable and secure remote access solution will fall on the shoulders of IT teams.

Legacy VPNs are not the answer

When work restrictions first began, employers were forced to scramble. Naturally, they wanted to ensure that employees could access the data and applications that they needed for their jobs. But as companies with existing VPNs quickly discovered, the spike in demand placed on network infrastructure pushed those networks to breaking point.

Where did they go wrong? Much of the blame goes to legacy VPN hardware. In order to scale to meet demand, these systems required additional servers and load balancers that are not only expensive, they take considerable time to order and install. These systems may be fine when a small percentage of the overall workforce is traveling or working remote, but they were never intended to cater to an entire population of remote workers, let alone those using a patchwork of slower, often less reliable Wi-Fi and cellular networks.

To some extent, many of us have become numb to news about large-scale hacks and breaches. They no longer have any shock value. Breaches have happened before and they’re going to happen again, regardless of the brand name or its promises to value user data. While many breaches are the result of poor password management or the exploitation of security vulnerabilities in an operating system, we need to do more to minimize them. Far too often, breaches are made worse when a hacker has access to someone’s VPN credentials, allowing them to move laterally throughout a network to exfiltrate valuable data.

Less is more

That brings us to the new wave of promising technology, based on a concept called zero trust. The basic idea is simple: an organization can prevent (or at least greatly minimize) the risk of a data breach by removing trust from its network architecture. In the real world, an employee or device that tries to access an application or data first needs to meet predetermined criteria in order to prove its identity. In other words, a device or a user can be denied access to resources for any number of red-flag events, such as using an outdated version of an OS, or being in the wrong location. In short, this gives IT teams a completely new level of control and the freedom to establish highly specific, granular policies that prevent unauthorized access.

Applying the concept of zero trust to the field of remote access has given rise to solutions such as the software-defined perimeter (SDP). Software-defined perimeters create peer-to-peer connections between users and the specific resources they need. At the same time, the granular policy controls allow for ‘least privilege,’ meaning that users are only given access to the resource they requested and nothing more – preventing any kind of lateral movement.

SDP solutions come in all shapes and sizes, with various flavors of architecture, but they can do much more than just checking credentials. They gather a variety of data, such as the application being used, the location of the device, the trustworthiness of the network it is connected to and much more. It then uses this real-time data to build a unique risk profile for each individual resource request, evaluating it on its merits and determining whether the user should be granted access.

Cloud acceleration

As pointed out in the Verizon Mobile Security Index 2020, a staggering 84% of enterprises today are increasing their reliance on the cloud. This is effectively putting legacy VPN technologies at a further disadvantage, since they were not designed to be used primarily by remote workers accessing remote resources.

While it’s true that the majority of organizations will continue to host at least a few applications on-premise for years to come, the shift toward a reliance on the cloud is undeniable. As a result, IT, network and security teams are finding that they need to work more closely together to ensure that they invest in the kinds of tools that provide greater visibility and control to wherever their employees and devices are at the edge of the network.

The writing is on the wall

With remote work not going away any time soon, the prospect for legacy VPNs looks bleak. It’s little wonder that the need for more secure, reliable remote access is pushing 80% of organizations today to seriously evaluate the merits of a zero trust solution. Where security is concerned, that change can’t come soon enough.

Continue reading…

  • Ransomware – the scourge of our times
  • Creating a Cyber Security Culture with former Arsenal F.C IT Director, Christelle Heikkila
  • Demand for ZTNA continues its upward trajectory in 2022
  • What does “cyber resilience” mean to Legal IT?
  • Where are you on the machine learning and artificial intelligence roadmap?
Avatar

About Mark Chisholm

In his role at NetMotion, Mark has the privilege of creating long-form and short-form content highlighting the amazing (and often invisible) ways that the company empowers a growing mobile workforce. His job is made incredibly easy by the fact that NetMotion “just works.” When he isn’t busy writing words, you’ll find him wrangling his two opinionated little girls or devouring news, occasionally at the same time. You can connect with him on Twitter @Mark_A_Chisholm.

Meet the secure virtual private network that's purpose-built for mobile workers. Your free evaluation of NetMotion Mobility® starts here.

Keep Reading

Ransomware – the scourge of our times

Security

Creating a Cyber Security Culture with former Arsenal F.C IT Director, Christelle Heikkila

Security

Demand for ZTNA continues its upward trajectory in 2022

Products/Solutions Remote Working Security

  • Customer Portal
  • Knowledge Base
  • Support and Services
  • Training
  • Support Plans
  • Professional Services
  • Release updates
  • Security Advisories
  • Support Advisories
  • Supported Systems
  • Disclosure policy


Avatar
Mark Chisholm

Try the software for 30 days, for free


Get Started
  • SASE
  • Company
  • Sectors
  • Partners
  • Resources

Secure remote access, without sacrificing on experience.

LinkedIn Twitter instagram youtube Email
  • SASE
    • ZTNA
    • DEM
    • VPN
    • SD-WAN
    • SWG
    • FWaaS
    • CASB
  • Company
    • Customers
    • Careers
    • News
    • Management
    • Privacy
    • Legal
    • Manage preferences
  • Sectors
    • Law firms
    • Finance
    • Public safety
    • Healthcare
    • Transport
    • Utilities
  • Partners
    • Alliances
    • Resellers
    • Verizon
    • AT&T
    • Telstra
    • Rogers
    • Microsoft
  • Resources
    • Blog
    • Reports
    • Analysts
    • Case studies
    • Webinars
    • Videos
    • Support

© 2022 NetMotion Software