To VPN or Not to VPN?

Features
By published

Remote work is here to stay, and VPN is no longer sufficient to provide a secure way for people to work remotely. A new approach leveraging digital workspace solutions is needed.

VPN and other internet icons overlaid on a photo of a hand operating a tablet
(Image credit: Shutterstock)

It’s a question many organisations are asking as they work to provide secure and reliable remote access at scale

Technologies that enable employees to work from home have been around for decades. Many companies had been using them to enable a small portion of their employees to work remote on occasion. But in response to the Covid-19 pandemic, most have been forced to shift the majority of their employees to working from home.

Many thought it would be a temporary situation.  But the fact is, remote work will likely be the new normal, even after employees can safely return to their offices.

This shift gives businesses an opportunity to redefine themselves and enable flexible models that provide a superior employee experience that improves engagement and productivity, without compromising security or performance. But it has also opened a whole new set of security concerns that must be addressed, including an expanded attack surface and an increase in global phishing and denial-of-service attacks, hacking attempts and data theft. Now more than ever, zero trust is critical. And to ensure it will require a new approach to remote app and data access.

A new approach

When remote work moved from something a few people did to a mandate for nearly all employees, companies around the world scrambled to scale up their resources and enable it. Many responded tactically and reached for Virtual Private Network (VPN) technologies, as they have long been the traditional way to access corporate applications and data outside corporate locations. But a VPN approach is not a panacea for widespread remote work in the short or long term. Here’s why:

 A risky proposition

As anyone in the IT security space knows, the larger the attack surface, the higher the risk of compromise. And with more workers accessing corporate systems and data from home – in many cases on unsecured personal devices - the surface has never been greater. Nor have the security concerns associated with VPNs, including:

  • Wide access: A VPN tunnel into a data centre enables a remote user access to the entire corporate network, even though an end-user may only require access to small subset of applications based on their role and job function. Opening up access to the entire corporate network not only increases the threat surface, but also significantly increases the probability of an attack.
  • One-time checks: A traditional VPN only checks for user-authentication at the time of login. A hacker with stolen credentials could access all the network and apps. There is no further check or monitoring in place to ensure a user is the same person they claim to be throughout the session.
  • Lack of context: VPN solutions don’t account for change in context such as user or device to define and enforce contextual policies. If a device is jailbroken or stolen and gets into wrong hands, all bets are off.
  • Endpoint Protection: If endpoint protection software isn’t installed and kept updated on devices and they become infected, they can contaminate company networks and data and potentially result in theft and corruption.
  • Clipboard and Peripheral Blocking: If clipboard and peripheral blocking aren’t enforced, users can easily copy and paste data into the local device when a VPN tunnel is established.
  • Traffic Back-Hauling: For applications accessed via the web or as SaaS, having an appliance for VPN at the data centre means backhauling all end-user traffic to a data centre, which can negatively impact performance and the end-user experience. In fact, a recent survey of more than 2,000 US employees who work from home found that VPN-based remote work approaches resulted in “slow performance” and “lack of access to all the apps needed to get work done.”

What’s good for the goose is not good for the gander

VPN may work for a small subset of users. But there are challenges in scaling it to accommodate larger groups. There’s a high interdependency on performance when multiple users are connected simultaneously to the same network equipment (it results in bandwidth and resource contention of the hardware delivering remote access, all the way to the infrastructure hosting the company resources). If five per cent of users download large files over the VPN tunnel, they will have a negative impact on the other 95 per cent of users.

Managing complexity

In addition, a traditional VPN solution is not only complex to set up, but time consuming to administer and manage. Adding licenses and scaling up a VPN Concentrator can be quickly and easily done. But there are significant costs associated with enabling VPN broadly, considering the layers of solutions (MDM, Endpoint Protection, HDD encryption, network resizing, and more) required to ensure sure security isn’t compromised when it’s rolled out.

An alternative approach

So what’s an IT administrator to do? Consider digital workspace solutions. With digital workspace solutions, you can provide users with access to all of the apps and information they need to do their jobs, including enterprise web-apps, SaaS, and virtual and mobile apps, anywhere, anytime on any device and:

  • So what’s an IT administrator to do? Consider digital workspace solutions. With digital workspace solutions, you can provide users with access to all of the apps and information they need to do their jobs, including enterprise web-apps, SaaS, and virtual and mobile apps, anywhere, anytime on any device and:
  • Provide access that isn’t just network-based, but governed through contextual information that is end-user and device-based
  • Continuously monitor end-user activities and assess user behaviour and patterns, in addition to performing authentication checks

And when used alongside application delivery control tools, you can deliver a more reliable experience than you can using VPN as such tools:

  • Use significantly less bandwidth
  • Auto-adjust to changes in network conditions
  • Provide continuous feedback to the end user when network conditions deteriorate
  • Report to IT on client network conditions that have an impact on performance so they can take action

There is a silver lining in every cloud. Companies that embrace digital workspace solutions to fuel remote work can overcome the security and reliability issues inherent in VPN and deliver a high-performance experience that keeps employees engaged and productive, while gaining new levels of agility that accommodate their business today and position them to thrive in the future.

9 fantastic Corel products, worth nearly $4,000

9 fantastic Corel products, worth nearly $4,000

Say hello to endlessly creative, seriously productive professional graphic design - on Windows, Mac and web with this astonishing package from one of the most respected creative software publishers out there, Corel. The package includes: CorelDRAW Graphics Suite 2020 + 1-year subscription to CorelDRAW.app Pro, CorelCAD 2020, CorelDRAW Technical Suite 2019, WordPerfect Office Professional 2020, Painter 2020, Pinnacle Studio 23 Ultimate, MindManager 2020 for Windows and MindManager for Mac 13



  • Also check out our list for the best VPN
Adi Trivedi

Adi Trivedi is a Principal Sales Engineer with Citrix, a leading provider of digital workspace solutions.

Read more
VPN encryption explained in infographic
Secure Web Gateway vs VPN vs Proxy vs CASB: What's the difference?
Illustration of the shadow of a boss with a magnifying glass monitoring a worker at a desk
Can your workplace tell that you’re using a VPN?
An abstract image of a lock against a digital background, denoting cybersecurity.
Building a resilient workforce security strategy
Outlook Calendar on a Tablet
What we learned from VPNs in 2024
Käyttäjä yhdistää VPN-palvelimeen
Want to make your own VPN? It's trickier than you think
A padlock icon next to a person working on a laptop.
Best business VPN of 2025
Latest in VPN
Demonstrators protesting against the arrest of the Mayor of Istanbul Ekrem Imamoglu block Atatürk Boulevard on March 22, 2025 in Ankara, Türkiye.
Turkey's social media ban has been lifted, but VPN usage is still high
Shape of Russia filled with Russian flag-colored internet codes on a black hacking background
A new wave of blocks in Russia targets VPN apps and Cloudflare subnets
A hand holds a smartphone displaying the NordVPN logo
NordVPN Prime hits lowest-ever price in VPN Spring sale
Digital hand set location on map with two pins. AI technology in GPs, innovation delivery, map location, future transport logistic, route path concept. GPs point. New office location, change address
What does your IP address reveal about you?
ExpressVPN mobile app and Aircove
ExpressVPN ‘reduces workforce’ for the second time in two years
A stethoscope next to a laptop on a pink background
How to check if your VPN is working
Latest in Features
The cast of The Residence peek from a doorway
Netflix's #2 most-watched show is the new madcap whodunnit The Residence –here are 3 more mysteries to stream next
Google AI Mode
I tried Google's new AI mode powered by Gemini, and it might be the end of Search as we know it
Saily eSIM by Nord Security
"Much more than just an eSIM service" - I spoke to the CEO of Saily about the future of travel and its impact on secure eSIM technology
A collage image showing images from the TV shows The White Lotus on Max, Black Mirror on Netflix and The Handmaid's Tale on Hulu.
I'm pausing my Prime Video, Apple TV+ and Paramount+ subscriptions in April 2025 – here are the 3 streaming services I'm keeping instead
Gemini on a smartphone.
Gemini is pulling ahead of ChatGPT – combining Deep Research with Audio Overviews is one of the best uses of AI I’ve seen so far
The Rookie
The Rookie is Hulu's #1 show – here are 3 police procedural dramas with over 80% on Rotten Tomatoes to watch next
More about vpn
NordVPN CTO Marijus Briedis speaking at a panel during RightsCon 2025 in Taipei, Taiwan, on February 25.

Cyber threats are evolving everywhere – and "prevention alone is insufficient," says NordVPN CTO
Proton CEO and founder Andy Yen poses next to the Proton logo at the headquarters of the encrypted email and VPN services company in Geneva.

Encryption backdoors: privacy can be misused, "but the cost of a world without is so much higher"
Google Pixel 9 on blue background with big savings text overlay

Forget Amazon, the best Pixel 9 deal is at Mint Mobile today - get $400 off without an annoying trade-in
See more latest
Most Popular
The cast of The Residence peek from a doorway
Netflix's #2 most-watched show is the new madcap whodunnit The Residence –here are 3 more mysteries to stream next
Scrabble
Here are 5 games that ChatGPT can play that you'll love
ChatGPT
I asked ChatGPT to explain cosmic mysteries like I’m five – and its analogies changed how I think
Google AI Mode
I tried Google's new AI mode powered by Gemini, and it might be the end of Search as we know it
NordVPN CTO Marijus Briedis speaking at a panel during RightsCon 2025 in Taipei, Taiwan, on February 25.
Cyber threats are evolving everywhere – and "prevention alone is insufficient," says NordVPN CTO
A middle school softball team's players and coach cheer in Win or Lose
Tempted by the record-low Disney+ bundle deal? Here are 3 shows with over 90% on Rotten Tomatoes you won't want to miss
Proton CEO and founder Andy Yen poses next to the Proton logo at the headquarters of the encrypted email and VPN services company in Geneva.
Encryption backdoors: privacy can be misused, "but the cost of a world without is so much higher"
Marriage Story
7 romance movies I recommend streaming on Netflix, Hulu, and more to anyone who doesn’t like romance
Gemini on a smartphone.
Gemini is pulling ahead of ChatGPT – combining Deep Research with Audio Overviews is one of the best uses of AI I’ve seen so far
Saily eSIM by Nord Security
"Much more than just an eSIM service" - I spoke to the CEO of Saily about the future of travel and its impact on secure eSIM technology