VPNs are so last year: Is it time for them to bite the dust?

null

Remote working is nothing new; born from the tech revolution that began just after the millennium, employees worldwide have been able to enjoy working from the comfort of their own home. 

However, with news that companies such as HP, IBM and Yahoo have since had a change of heart and revoked employee rights to work from home - with a few even adopting a "if you don’t like it, leave" policy - remote working has been given a bad reputation.

The reality is that for many companies, working from home just isn’t the same as working from the office, and it’s mostly down to the ease with which employees can access corporate applications remotely.

The concept of Virtual Private Network (VPN) was created to resolve this issue and provide a secure link between an employee at home or on the road and the corporate network.

In fact, almost half (48 per cent) of UK IT professionals surveyed by OneLogin require employees to use VPNs when working remotely. However, with 30 per cent receiving frequent complaints that the use of a VPN slows down remote network access, many organisations are struggling to find a balance between productivity and security.

The survey also found that half of remote workers spend up to one day per week connected to unsecured networks in an effort to circumnavigate VPNs and get on with their job, leaving organisations open to a host of cyber threats.

The VPN problem

With "not fit for purpose" VPNs, organisations are inadvertently making remote working impossible and the benefits of creativity, productivity and efficiency that remote working originally boasted are buried under a sea of stressed remote employees and IT teams battling complaints.

Organisations have outgrown the outdated tech they still rely on and can no longer afford to use unreliable VPNs that encourage employees to flaunt security best practices. If employees continue to favour unsecured networks, a cybersecurity catastrophe is just around the corner, particularly with the deadline looming for the EU’s General Data Protection Regulation (GDPR) on May 25th 2018.

Under GDPR, if data gets into the hands of cybercriminals as a result of neglect or employee ignorance, businesses could be faced with penalties that start at €10 million and can go up to as much as €20 million or four per cent of a business’s annual turnover, whichever is higher.

While having a fully cloud-based strategy seems ideal for many, it isn’t always easy to realise. Many organisations, and particularly enterprises, are battling with a hoard of on-premise legacy IT systems. But the reality is that they simply can’t just move everything into the cloud overnight. IT policies and end-point management strategies need to account for both cloud and on-premise IT infrastructures. Neglecting either of them is not an option.

In order to evolve, businesses are on the hunt for a low-maintenance solution that handles employee provisioning and deprovisioning (when employees leave a company), while improving security and reporting. To meet this demand, Identity and Access Management (IAM) providers need to step-up to the plate and offer solutions that manage both on-prem and cloud environments from one unified platform. 

So where do we go from here? To take a holistic approach to IAM, no matter which way companies leans towards on-premise or cloud, they need one unified access management platform to simplify and manage access in real-time.

If this is partnered with a smart IAM system that can leverage contextual and intelligent authentication tools to lower risk, increase security and ultimately improve usability for their users, then the road to digital transformation will be safer and faster. In today’s competitive landscape, business efficiency and agility are necessities - and safe and effective remote working has a key role to play going forward.

  • Stuart is Global Director of Solution Engineering at OneLogin, helping customers address today's Identity and Access Management challenges through the cloud-based OneLogin Unified Access Management Platform.