You may have noticed over the past few months that the Software Defined Perimeter (SDP) has been in a lot of headlines. SDP has undoubtedly become quite a buzzword in the networking space, but how do you know if and when it’s the right time to invest in this technology? As with many things, the answer to that question is going to be different depending on a variety of factors and needs, but the basic answer may surprise you.
Where are your applications hosted?
This is one of the most important factors when considering an SDP. Although there has been an enormous shift to the cloud and SaaS, roughly 98% of organizations today still maintain some level of on-premise data. If your organization falls into this camp, now is the time to start looking at your options, with a plan to buy in the near future. With the Covid-19 pandemic causing many businesses to rethink the way their employees work, the need for secure remote access has skyrocketed. So much so that 80% of companies are now actively considering the benefits of SDP solutions based on a zero trust architecture.
Your on-premise applications may be protected by forcing employees to use a VPN, but with so many employees working remotely for the foreseeable future, an SDP can create a huge advantage. SDP offers the kind of edge-to-edge network visibility, on-device intelligence and split-tunneling capabilities that a legacy VPN simply cannot deliver. If your applications are all hosted in the cloud, you should be looking at either an SDP or a CASB solution as soon as possible. A VPN can do little to protect your cloud applications, so this should be the next logical investment you make, especially if IT budgets are tight.
If all of your applications are on-premise, you have some time. An SDP is still important if you’ll eventually move partially or fully into the cloud, but it doesn’t need to be one of your top priorities at the moment. In that case, a secure and reliable VPN will serve you well, while adding an SDP to your future roadmap makes the most sense.
Do I get rid of my VPN?
A common misconception is that an SDP will completely replace your VPN. Even though you may see articles around the industry like “The VPN is dead”, this is clearly untrue. The fact is that most companies still use some mix of on-premise and cloud applications and you’ll need both a VPN and SDP to gain secure access to them.
If you want a more impartial opinion, Gartner recommends that organizations should use both an SDP and a VPN in the medium term, and preferably one solution that contains both in order to ensure compatibility.
Where are my workers?
If you’re like most companies and still have a largely remote workforce, an SDP should be high on your list. It may have been easy to manage your security when most people were in the office, but it’s very different when everyone is remote. If you want to ensure the security of your workers, an SDP will calculate a multitude of factors before allowing access to a specific resource. This added protection will save you from various headaches in the future. An SDP also differs from a VPN in that there are far more granular controls to limit a user only to the applications and services that they need for their role, rather than giving them freedom to move laterally throughout the network.
So when is the best time to buy?
If you’re like most companies, the answer is most likely now, or in the very near future. In the space of a few short years SDP has evolved from being a niche technology suitable to only a few use cases, into becoming a mainstream option for most companies. There have never been more options available, which in turn has made the technology more accessible than ever.
Once you’ve decided that an SDP is right for your organization, the next step is to make a shortlist of the ones that might be right for you. There are a lot of SDP vendors out there, offering a range of totally cloud-based or on-prem SDP options and a variety of features. But very few vendors deliver an SDP solution with the strength of a built-in VPN.