For years, virtual private networks (VPNs) have been the best practice for giving remote workers secure access to corporate data and applications. But VPNs are built on the fundamental idea that enterprises have an inside and an outside—and the more operations your organization moves to the cloud and the more your users are accessing things remotely, the more difficult it's becoming to define what "inside" and "outside" even mean.
How do you provide secure access to your enterprise network when it's effectively scattered across the Internet?
A recent IDC survey indicates this concern is weighing on companies in every industry. More than 80% of the companies surveyed feel providing remote access is important, and most expect their use of remote access will grow by 11% to 20% in the next year or two.
However, more than half say ensuring the security of remote access is difficult, whether that means securing distributed applications or controlling remote access to the network in general. This is true even though the majority of respondents are using VPNs to provide secure remote access.
Because VPNs often cause disconnections and slow response times, many users prefer not to use them at all. Worse yet, well-intentioned users who believe they're being appropriately security-conscious when they install their own third-party VPNs could actually be increasing risk by bypassing the network firewall and other enterprise threat protection systems—especially if IT isn't aware these VPNs are in use.
In addition, VPNs' lack of access control functionality makes them impractical in the era of highly mobile employees and increasing use of contractors and other contingent workers, and hybrid network architecture. A VPN provides a secure connection to the network, but the entire network. To limit users to only the applications and data they're authorized to use, IT has to implement additional layers of security. In fact, according to the IDC survey, it takes five to 14 network and application components to add one new external user group to an organization.
When applications are behind the firewall, they need to be accessible to authenticated end users but invisible to everyone else. When they're in the cloud, they need to be subject to the same identity protection, multi-factor authentication, data protection, and other security controls as applications on local servers. Users need to be able to access critical applications whether they're in the office or working remotely, on a laptop or on a phone or tablet, as easily as launching a browser.
This is a tall order—and it's one a VPN can't fill. Especially now that the security perimeter itself typically extends beyond full-time employees to contractors, business partners, and other third parties, and beyond the firewall into the cloud.
A VPN doesn't deliver sufficient control over access requirements of today. Business needs more: a solution that delivers access to applications but not the entire network, and also provides multi-factor authentication, blocks unauthorized users, and makes it easy to provision and de-provision individual users at a click.
To learn more, visit Akamai
Find your next job with computerworld UK jobs