In a remote work world, it’s time to move past VPN
- Published: Tuesday, 13 October 2020 08:27
In the initial rush to rapidly increase remote working as a business continuity measure to respond to the COVID-19 pandemic many organizations deployed an expansion of their Virtual Private Network (VPN). However now is the time to consider better solutions says Brad Peterson.
Organizations worldwide had to scramble to accommodate the massive switch to remote work that the pandemic necessitated. IT teams worked overtime to ensure workers had the hardware and software they needed to keep working and maintain business continuity. This seems to have worked well in the short term, but long-term concerns about security and productivity remain.
One of the tactics many organizations deployed was an expansion of their Virtual Private Network, where users leverage a secure tunnel from their PC to access the corporate data center, in response to the pandemic. But VPNs aren’t always secure, and they can lead to bottlenecks that negatively affect performance. A better solution for enabling secure end user computing is needed, and the answer resides in the cloud.
Latency and scalability issues
For a long time now, IPSec VPN technology – provisioned by the IT team – has been a solution for enabling remote work, but it won’t suffice for the long term in today’s digital world. When users are traveling or need to work from home, employees can use their corporate-owned device to establish a secure network tunnel back through their VPN to the corporate data centers and then access the apps and data running on servers. The quality of this experience depends greatly on the latency and the bandwidth of the remote connection. People are able to work, though with a compromised experience that may reduce productivity.
Latency is a common issue with VPNs. Another issue is the lack of scalability, which has become a priority in recent months. VPNs were provisioned for the use case where maybe five percent of people are working remotely. This means VPNs suffer from significant scalability and agility limitations. The technologies instead hinder enterprise growth in relation to what’s possible today with alternative approaches. In addition, the amount of infrastructure required to support 100 percent of your employees using the corporate stack of VPN concentrators for remote work is exceedingly expensive, and that is even if you can find inventory to order.
Then there’s the security issue. It’s already difficult to manage updating and patching corporate PCs with the latest security updates, even when the PCs are on-premises. IT and security leaders are acutely aware that a single unpatched PC can put the entire company in jeopardy. However, this risk increases by an order of magnitude when PCs are remote and connected to the data center / centre via a VPN.
The ability to patch PCs becomes more difficult because the PC may be offline, or it might not be connected to the corporate network. In addition, updates can be interrupted mid-stream more frequently when they are remote. Cloud VPN, also known as VPN-as-a-Service, has also entered the marketplace, but it still suffers from many of the same issues of traditional VPN.
Cloud desktops: three benefits
As they demonstrate their ability to overcome standard VPN drawbacks, cloud desktops, Desktop-as-a-Service (DaaS) and cloud-based VDI are quickly gaining traction in the market. In fact, Gartner analysts predict a growth of 95.4 percent for DaaS by the end of 2020, rising to $1.2 billion. This stands to reason, as organizations continue to look for cost-effective ways to support the onslaught of remote workers and to make access to enterprise applications secure across multiple devices and locations.
Since cloud desktops are centralized in a secure cloud and data does not reside on endpoints, they offer better security. They often use encrypted proxied connections to ensure security, with no virtual network tunnel. VPNs create security concerns because they do not regulate access to an organization’s applications, but only to its network perimeter. Conversely, large-scale cloud services providers offer more options for secure access.
ESG’s Are Desktops Doomed? report found that almost 8 in 10 organizations believe VDI or DaaS is more secure than traditional desktops, and 39 percent of respondents said DaaS improved security by keeping sensitive data off devices. The research firm also found that in terms of making the case for investment in VDI or DaaS, security and compliance was the second-highest justification, after greater IT efficiency.
Traditional VDI had scalability issues, but today’s modern DaaS/cloud desktop options have vastly improved upon this. If an organization wants to add more users, it’s now possible to simply add more licenses. In most cases, users can be added in minutes and everything scales automatically. Organizations can also expand their footprint to one or more new cloud regions and move some users to different cloud regions as needed. And once cloud set-up is complete, it is relatively easy and quick to expand to new use cases.
Cloud equips business for the long haul
Remote work was an initial quick fix until employees could return to the office. But months later, there’s no obvious end in sight. Organizations that already had infrastructure in place had to address the challenge of scale, and those that had little to no remote work infrastructure had to cobble together a system. Companies that chose VPN have often been disappointed by poor performance and scalability. And in the rush to change, security may have been overlooked.
But now that cloud desktops are available, organizations don’t have to make the difficult choice between performance and security. Cloud desktops provide a high-quality experience for uses at a lower cost than VPN, and with greater security and scalability. Even when the powers that be give the ‘all clear’ to return to headquarters, remote work will remain an option for most organizations. Cloud desktops are a short- and long-term option. It’s a sound long-term business play, then, to transition to an agile solution that helps organizations navigate a world fraught with risk.
Brad Peterson is vice president of marketing, Workspot.
Brad leads marketing strategy and operations for the company’s vision of securely delivering desktops, workstations and apps via Google Cloud and Microsoft Azure.
Previously, Brad was Vice President of Marketing at DocuSign (IPO), the global leader in eSignature and Digital Transaction Management. Before DocuSign, Brad worked with Citrix for almost a decade where he built the global EBC program, produced solutions videos driving millions in pipeline, and was a regular keynote speaker for Citrix and partner events globally. Brad joined Citrix in 2004 through the acquisition of Net6, where he relocated to the Citrix EMEA headquarters in Switzerland and launched the new security appliance business over a two-year period to a $30M run rate. Brad has also held executive roles at Net6 (acquired by Citrix), Octane (acquired by E.piphany), BayStone (acquired by Remedy) and Auspex (IPO).