With more employees working from home than ever before, business VPNs have seen a massive spike in usage recently. Employees need to be able to access company resources while working remotely and using a VPN is often the most secure way to do so. However, most businesses never planned to have so many of their staff using a VPN at the same time and this has led to problems for some organizations.
To better understand how companies can scale up their VPN and IT infrastructure to meet this sudden need, TechRadar Pro spoke to NetMotion Software’s chief marketing officer Joel Windels.
What are some of the difficulties that employees are experiencing now that they are working from home?
Working from home presents its own benefits and concerns. Three of the toughest challenges are overcoming problems with video conferencing, trouble accessing corporate files online and a lack of adequate support for employees from the helpdesk when things go wrong.
The coronavirus pandemic has led to a massive spike in the use of corporate VPNs. How are businesses dealing with this and have many found that they were ill equipped for this sudden surge in VPN use?
There’s been a breathtaking shift in the number of people working from home, obviously. Although a majority of medium and large-sized businesses had already deployed some kind of traditional VPN prior to the coronavirus, many of them simply weren’t ready for the sheer number of users or the volumes of traffic involved.
As employees continue to struggle and be less productive, these companies will need to shift to solutions that are more suited to the deskless environment. This will likely prove to be the death knell for hardware-based VPNs that can’t scale without additional investment in new equipment. As a result, software-based VPNs or software-defined perimeter (SDP) solutions will swiftly replace legacy VPNs as companies emerge from the lockdown and re-evaluate their remote access technology stacks.
What are some ways that businesses can scale up their VPN’s capacity to keep their remote workers protected online?
One of the easiest ways to ensure flexibility and scalability is to make sure it’s a virtualized VPN, and not necessarily reliant on a physical machine. Another important factor is to ensure that the VPN is highly configurable. In other words, to help relieve the stress on network bandwidth, the VPN should only be ‘on’ when it’s needed, and ‘off’ when it isn’t. This can be done a couple of different ways, such as using split tunneling or, even better, by implementing a solution that includes a context-aware policy engine that can figure out what data to send through the tunnel and when to simply allow the employee to work.
Are organizations compromising on security by turning to split-tunnel VPN? Is there another route around the bandwidth issue?
Lots of companies feel like they have to choose between tunneling everything so that they gain visibility and control, or tunneling only parts of their data but sacrificing visibility and control. Many instead are turning to content filtering that doesn’t require an open tunnel – for example a ZTNA or SDP solution – filling the visibility and policy gap even without using a VPN. This way, the organization’s most sensitive resources stay secure and hidden from would-be attackers, but the general activity of a worker remains as frictionless as possible, without compromising security.
NetMotion recently expanded its partnership with Microsoft. Can you tell us a bit more about the partnership and how customers can use your company’s VPN with Intune and Endpoint Manager?
An increasing number of organizations are embracing Endpoint Manager and Intune, which have a rich and valuable feature set for UEM but, crucially, do not include a native VPN for when traffic needs to be tunneled. Microsoft has always had a strong ecosystem strategy and in this instance has chosen to partner with NetMotion, helping address VPN requirements for its thousands of customers that are seeking additional security and remote access functionality.
Now that many workers are familiar with using VPNs do you think they’ll continue to use them after the pandemic is over?
The best security technologies are the ones that are virtually invisible to the end-user. VPNs, like most software, should be frictionless and have zero negative impact on the employee’s productivity. Unfortunately, many workers during the lockdown are realizing that they don’t really like having to use one.
As the use-cases for VPNs continue to evolve, ensuring they are not degrading the user experience in any way will be essential to their long-term application inside businesses. If a user has to reauthenticate and log into a VPN ten times a day to get their job done, then something will need to change fast. As we emerge from this crisis, IT and security teams will be assessing the impact of all of their tools upon the happiness and productivity of workers and will be changing anything not up to standard.
How has the VPN landscape changed in response to the pandemic?
Until very recently, VPNs had become unfashionable, with a plethora of vendors and commentators hailing the imminent death of the VPN entirely. However, the lockdown has clearly shown that there is still a pressing need for remote access, and that it is unlikely to go any time soon. The main shift taking place is the realization that the legacy VPN is ill-suited to the needs of 2020, and that it will instead be giving way to mobile-first and cloud-ready solutions – that means modern VPNs but also other technologies like SDP, ZTNA and CASBs. The simple truth is that network leaders need to demand more from their VPN, and that process just got accelerated.
What will be the legacy of the coronavirus outbreak where data privacy is concerned?
When considering the work environment today, it’s clear that the four walls of the office are no longer as relevant as they once were. Work takes place wherever the employee is located. Users should always be in a position of power when it comes to their data on their devices, naturally. Expectations are changing, however. Work being done on a corporate-assigned device is still the security responsibility of the employer. In the event of a data breach or compliance failure, it’s the CISO that’s held accountable. Managing, securing and protecting those devices from such incidents means a degree of oversight by the organization – even when being used in employees’ homes.
How might attitudes towards the monitoring of internet traffic/location data change as a result of the pandemic?
Best practice depends greatly on the industry, but in general employees today are more aware of the kinds of things their IT and security teams need to do in order to keep them safe. There’s a heightened expectation that employers have a responsibility to help employees stay productive and protected from attacks, even when they’re working remotely. Monitoring is a key part of that security strategy, but privacy absolutely must be at the forefront of the minds for IT leaders – there’s a big difference between checking for potential threats or data leaks and reading an employee’s personal WhatsApp messages, for example.
- Also check out our complete list of the best VPN services