The venerable VPN, which has for decades provided remote workers with a
secure tunnel into the enterprise network, is facing extinction as
enterprises migrate to a more agile, granular security framework called
zero trust, which is better adapted to today’s world of digital
business.
VPN
VPNs are part of a security strategy based on the notion of a network
perimeter; trusted employees are on the inside and untrusted employees
are on the outside. But that model no longer works in a modern business
environment where mobile employees access the network from a variety of
inside or outside locations, and where corporate assets reside not
behind the walls of an enterprise data center, but in multi-cloud
environments.
Gartner predicts that by 2023, 60% of enterprises will phase out most of
their VPNs in favor of zero trust network access, which can take the
form of a gateway or broker that authenticates both device and user
before allowing role-based, context-aware access.
There are a variety of flaws associated with the perimeter approach to
security. It doesn’t address insider attacks. It doesn’t do a good job
accounting for contractors, third parties and supply-chain partners. If
an attacker steals someone’s VPN credentials, the attacker can access
the network and roam freely. Plus, VPNs over time have become complex
and difficult to manage. “There’s a lot of pain around VPNs,” says Matt
Sullivan, senior security architect at Workiva, an enterprise software
company based in Ames, Iowa. “They’re clunky, outdated, there’s a lot to
manage, and they’re a little dangerous, frankly.”
At an even more fundamental level, anyone looking at the state of
enterprise security today understands that whatever we’re doing now
isn’t working. “The perimeter-based model of security categorically has
failed,” says Forrester principal analyst Chase Cunningham. “And not
from a lack of effort or a lack of investment, but just because it’s
built on a house of cards. If one thing fails, everything becomes a
victim. Everyone I talk to believes that.”
Cunningham has taken on the zero-trust mantle at Forrester, where
analyst Jon Kindervag, now at Palo Alto Networks, developed a zero-trust
security framework in 2009. The idea is simple: trust no one. Verify
everyone. Enforce strict access-control and identity-management policies
that restrict employee access to the resources they need to do their
job and nothing more.
Garrett Bekker, principal analyst at the 451 Group, says zero trust is
not a product or a technology; it’s a different way of thinking about
security. “People are still wrapping their heads around what it means.
Customers are confused and vendors are inconsistent on what zero trust
means. But I believe it has the potential to radically alter the way
security is done.”When comes to the issue of online privacy and
security, we suggest to use a VPN, and our recommendation is
RitaVPN.Qwer432
www.ritavpn.com/blog/how-to-unblock-websites/ www.ritavpn.com/blog/what-is-the-best-vpn-provider-for-uae-in-2019/ www.ritavpn.com/blog/why-does-one-need-a-vpn/
The Wall