Follow us on LinkedIn, Instagram, Facebook, YouTube and Twitter
By Francois Teo
Tweet
One of the biggest shifts in the workplace as a result of the pandemic is the trend of remote working. While some companies used to offer the ability to work from home as a benefit, it has now become the norm for most businesses.
According to a survey by the Malaysian Employers Federation (MEF), 61.7 per cent of companies want to continue with a hybrid work arrangement – meaning they have the flexibility to work from home or anywhere they want. This arrangement is only made possible with the use of a secured and reliable internet connection.
Over the years, many have relied on remote access VPN, providing a secure method to remotely access systems and resources on the network. VPN was developed to reflect the experience of being back in the office. Once you are in, you have broad access to everything on the network. However, this poses many cybersecurity risks to employees and employers.
On the other hand, Zero Trust Network Access is based on the principle that any connection to your network should be treated as hostile until it has been authenticated, authorized, and granted access to resources.
Traditional remote access VPN vs ZTNA – here are several differences between a traditional remote access VPN and ZTNA.
Trust
With remote access VPN, users are implicitly trusted with broad access to resources, which can create serious security risks, especially with the rising number of hybrid and remote workers who may be working on public and unverified Wi-Fi networks. ZTNA treats each user and device individually – this is so only resources that the user and the device are entitled to access are accessible. Ultimately, this reduces the risk of attack and protects data across your entire organisation and every single user, wherever they reside. ZTNA includes monitoring of device health not only before but even after access is granted to the resource. Any change in device posture would lead to revocation of the application access.
Remote connections
A single point-of-presence on the network is provided by remote access VPN, which could lead to inefficient backhauling of traffic from various locations, data centres, or applications through the remote access VPN tunnel. Whether connected from a home, hotel, coffee shop, or office, ZTNA works as effectively and securely. No matter where the user and device are situated, connection management is secure and transparent, providing a seamless experience for the user.
Additionally, ZTNA is a great way to ensure greater security controls during Remote Desktop Protocol (RDP) sessions. RDP has a number of known difficulties, including unprotected default ports, a lack of support for multi-factor authentication, broad network access, and of course, security vulnerabilities. RDP server vulnerabilities and mistakenly-open RDP connections can be directly exploited by attackers, who leverage such exploits to identify themselves as trusted RDP users. ZTNA’s authentication features would consider such users as hostile acting as a layer of defence against attacks.
Visibility
Remote access VPN is unaware of the traffic and usage patterns it is facilitating, making visibility into user activity and application usage more challenging.
ZTNA access can provide better visibility into application activities because it is micro-segmented. This makes monitoring application status, capacity planning, licensing management and auditing much easier.
User experience
Remote access VPN clients are notorious for offering a poor user experience, adding latency or negatively impacting performance, suffering from connectivity issues, and generally being a burden on the helpdesk. These problems won’t help when you’re rushing to meet a deadline.
ZTNA automatically creates secure connections as needed, which gives users a frictionless experience. The majority of users won’t even be aware that the ZTNA solution is protecting their data because everything is done in the background.
Administration
For organisations, it is challenging to set up, deploy, enrol new users, and decommission departing users of remote access VPN clients. On the firewall or gateway side, managing VPN can also be difficult due to various nodes, firewall access rules, IP management, traffic flows, and routing. It soon turns into a full-time job.
ZTNA solutions tend to be a lot more streamlined, cleaner, and simpler to deploy and manage. They are also quicker and easier to administer on a daily basis because they are more adaptable in rapidly changing environments where people, apps, and devices come and go especially now with the increasing number of remote workers.
Taking the above into consideration, the “never trust, always verify” approach would be useful for companies with multiple resources that need to be shared remotely. Sophos ZTNA is a cybersecurity solution that has been carefully designed to make zero-trust network access easy, integrated, and secure. Most recently, it was named Frost & Sullivan’s Global New Product Innovation Award winner, recognized for its superior protection, industry-first integrations, innovative capabilities, and ease of use. It ensures that users have secure access to only the resources that they need.
About the author: Francois Teo is the Senior Regional Manager ASEAN of Sophos. This is an opinion column. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of this publication.
Editor’s Note: You can now download our app on the Google Play Store or the Apple Store, or write your next best-selling novel with our sister app Toolis, available on the Apple Store and Google Play Store or purchase something from us at www.tapiroo.com, yayaezzy.com or at lazybumskincare.com.au. Also, check out our rate card and media kit here if you would like to advertise with us on this website. Thank you!
Like What You Read
Howdy! Thanks for dropping by and reading our stuff. DailyStraits.com is an independent website that covers all things business and entrepreneurship related. If you like what you read, a little donation from your good self will go a long way in helping us run this site successfully. Thank you!
$5.00
Welcome to dailystraits.com.Please send all interview requests and press releases to editor@dailystraits.com. Thank you!