Happy Lunar New Year, page-15

Status is online

Steve King, CISM, CISSP• FollowingManaging Director, CyberTheory, Founding Board Member at CyberEd.io, Forbes Technology Council Member13h • hours ago

Virtual private networks (VPNs) have long been under fire as an enterprise mainstay.

Now, we have seen enough workplace leakage and vulnerabilities, it is timely to call for an end to the VPN.

Every Marketer I know has been also calling for the end of the phrase, “the new normal”. VPNs have historically been tossed into the fray as we seek immediate relief from expanded remote working vulnerabilities and a continued ability to work from anywhere with assurances that our work is protected.

Let’s take a step back for a moment. Everyone is tired of talking about “the new normal.” The remote workplace trend long predates COVID-19, and the impact of COVID-19 was softer in office settings where remote work may have already been an option.

VPN technology was built to provide access and protect data beyond the traditional walls of a company network. It is deployed as a business enablement tool providing that extension, and it has generally worked, at least for end users who have opted for a version that employs IP Set wrappings in the context of a VPN Tunnel.

Most do not.

In recent years, we’ve seen dozens of VPN vulnerabilities exploited in major business and government breaches. VPNs have become a target, as hackers now know if they can breach a VPN, they no longer have to worry about traditional security controls such as firewalls—they now have complete access to a company’s network.

Instead of the “castle and moat” security architecture assumptions, folks should carefully understand and plan what resources should be available inside the company network, what users truly need access to those resources, and a basic policy of least privilege to avoid granting access unless necessary.

The zero trust model of refusing access by default to any person or system unless needed, represents a constructive movement towards a more secure architecture.

Privileged access management (PAM) within Identity Authentication is a key piece of the zero trust approach and is rapidly evolving to a security architecture where you can safely replace VPNs. End users have so much to pay attention to as move swiftly to cloud computing on the edge with 5G underpinnings, it will be virtually impossible to provide required oversight on a network’s performance, yet alone security.

We now see a few promising anti-VPN offerings on the market that do so much more, security leaders with full plates would be wise to take a quick look and make an even quicker decision, as busted VPNs are now beyond the near horizon and entering your homes as you read this.

Marketers who pull their products away from an intellectual grounding in VPN connectivity will survive and scale across the upcoming war in VPN replacement, while others will not.

How about you? Survivor and winner, or stalled out as a loser?

The race is on.

Very good post from