The most popular and comprehensive Open Source ECM platform
Let us know more
Security: VPNs versus Zero Trust
VPN (Virtual Private Network) creates an encrypted tunnel between and end user device and the corporate network, allowing the user to access resources as if they were directly connected to the company network. VPN access is often used to allow users to connect remotely to the company network when working from home or off-site.
Zero-trust networks restrict access to all network resources for all users. It doesn’t matter whether a user is on-premise, at home, or off site, all users need to complete a strict verification and authentication before being allowed to access any specific resource.
VPN access requires a user to only gain access to the network. It’s a single hoop that needs to be passed. On the other hand, zero trust requires more verification checkpoints for users to pass before gaining access to just the resources that they need.
Gartner estimates that by 2023, 60 percent of businesses will have transitioned from VPNs to Zero Trust access.
Garrett Bekker, analyst at 451 Research, said that “while VPNs do a good job of providing remote connectivity to internal resources, they suffer from a number of drawbacks in terms of user experience and performance. VPNs also present security challenges, in the sense that they provide broad access to an entire flat network, rather than to just the applications that users need to do their jobs.”
Matt Sullivan, senior security architect at Workiva, said that “there’s a lot of pain around VPNs. They’re clunky, outdated, there’s a lot to manage, and they’re a little dangerous, frankly.”
Bekker said that “zero trust is not a product or a technology; it’s a different way of thinking about security. People are still wrapping their heads around what it means. Customers are confused and vendors are inconsistent on what zero trust means. But I believe it has the potential to radically alter the way security is done.”
