As we enter 2022, all signs indicate hybrid working is here to stay. According to the Director of Google Workspace Asia Pacific, nearly 43% of people are finding themselves in a hybrid work arrangement vs. pre-pandemic days when 78% of people had zero remote workdays in the week.
There’s no doubt that many are benefiting from a ‘best of both worlds’ approach to work – including bad actors. In fact, the Cybersecurity and Infrastructure Security Agency (CISA) reported that four of the most targeted vulnerabilities in 2020 affected remote work, VPNs, or cloud-based technologies.
This concern is exacerbated by a recent EY report which revealed 56% of businesses in APAC admit to sidestepping digital protection measures so new requirements for flexible work arrangements can be implemented, despite 48% expressing increased concern about their company’s ability to manage security threats.
So what can be done to best protect today’s distributed workforce who rely on many cloud-based applications, often on their own unmanaged devices?
Enter a Flexible Alternative to VPN: Zero-Trust Network Access
Previously, employees who were well-versed in handling VPN connectivity from a remote laptop could simply dial into enterprise systems via a VPN client and were granted pretty much carte blanche access to roam across the entirety of the enterprise’s systems. But that approach comes with a hefty amount of faith on the part of the employer.
For example, by taking this approach, how would they know the person accessing from remotely is actually who they say they are? And that their device(s) are as up-to-date and malware-free as possible? The truth is that in today’s distributed and mobile world you can’t. Or more accurately, you can’t when relying on VPNs alone.
There are plenty of resources out there explaining the alternatives to VPN reliance, which still prioritise safety, security and speed – ideal for today’s fast moving businesses.
As market research firm Gartner states “as more organizations transition to remote work, zero-trust network access (ZTNA) has piqued the interest of organizations seeking a more flexible alternative to VPNs and those seeking more precise access and session control to applications located on premises and in the cloud”.
Today’s zero-trust network access (ZTNA) technologies can dictate a granular approach as to who or what is allowed access to which resources, with which privileges. The tech verifies the user every time any application is being requested, and verifies the device every time it tries to access an application.
Crucially, ZTNA also provides a better user experience, particularly when accessing Web apps, as hundreds and thousands of users from one organization aren’t all cramming themselves onto the corporate VPN at the same time.
But as readers of Tech Wire Asia will be well aware, no two solutions are created equal, so what should you look for when choosing the right VPN-less secure remote access solution for your organization?
Be Flexible and Stay One Step Ahead
Hybrid working is not the only trend that has emerged from the pandemic. The great resignation has also been filling many column inches in the business press over the past few months. The very real truth is that you may find yourself with more new starters and recent leavers than normal, so it is important that the ZTNA solution you choose scales easily so they can be onboarded and offboarded as smoothly and securely as possible.
The solution also needs to support unmanaged devices whether for salaried or 3rd party employees. This is because 49% of enterprise devices are being used without any managed update policy and about 40% of organizations surveyed said they had experienced a mobile-related compromise.
The final key factor is that your ZTNA solution has to be able to support multiple application types, especially those most frequently used by employees. These are, not coincidentally, some of those most heavily targeted by adversaries:
Primary among targeted applications are those that are web-based, such as Salesforce, Google Workspace, ServiceNow, Workday, Box, and so on.
Secure Shell access to enterprise systems (SSH) that gives users, particularly system administrators, a secure way to access remote servers over public networks.
Remote Desktop Protocol (RDP) is still in common use allowing remote control of internal desktops from remote locations.
There is a useful guide to remote access protocols, their pros and cons, and some of the technology behind them available right here.
Duo Network Gateway
For CISOs, security teams and IT professionals in any organization, in any industry, anywhere in the world, the remote access proxy Duo Network Gateway allows employees, remote workers and contractors access to on-premises websites, web applications, RDP desktops and SSH services.
Duo Network Gateway provides a consistent user log-in process and secure verification across all applications, reducing password fatigue and increasing user productivity. Security need not be a compromise: in fact, refreshing the ways that your company grants external access to employees and 3rd parties can improve your overall cybersecurity provision.