Why do IT organizations continue to use dangerous and expensive VPNs?
In 2020 and 2021 during the COVID highs, most companies bought many more VPN licenses in order to enable their employees to work from home, and given the fact that hybrid work is here to stay, many of the IT organizations continue to be “saddled” with the burden of maintaining these dangerously vulnerable and costly VPN solutions.
Security and ease of use data tells us that legacy VPNs are not best of breed options for secure remote access. Constant newsworthy and often purposely not disclosed exploitation of VPN gateways are now common occurrences and more organizations are turning to ZTNA and SASE solutions as these numbers are growing double digits. The question should not be whether VPN is on the decline or not, the real question remains… “why do many organizations continue to use dangerous and expensive VPN solutions at all?"
Simplify and save while securing your environments with Oplon Secure Access (OSA) all through one unified workspace using only your browser.No client, no agent and no headaches for support teams! OSA is a simple yet secure solution that will reduce the IT burden of maintaining and managing VPN clients, agents and plugins while the making user experience better and ramping them to productivity faster. Imagine onboarding a new employee or a contractor or third-party vendor: with OSA you do it by simply supplying a URL, a single password and multi factor authorization mechanism, regardless of whether that user is an executive accessing a Cloud tool or a system engineer who needs to access hundreds of devices or services on the local network and in some cases multiple networks as MSPs (Managed Service Providers) for example.
OSA eliminates the need for VPN clients and agents on the back-end services, dramatically cuts down the need for multiple passwords that System Administrators often need to maintain to manage multiple services though a spreadsheet with all the passwords just waiting to be hacked and used against an organization or worst - multiple organizations - as may be the case for an MSP.
To perform the onboarding of a new employee, it is currently necessary to provide a business laptop with the VPN client installed, but you often have trouble determining proper gateway to access or have configuration issues which means a ticket or call to IT Support. Often these users are not even employees of the company but contractors and third-party vendors who only need access to specific applications – often a single application – yet many organizations continue to provide them VPN access to the entire corporate network, expanding the attack surface and increasing risk and overhead. Reduce the attack vectors and decrease operational overhead by having those users access only the services they need through Oplon Secure Access - simply via their browser. Another major challenge that organizations faced when an attacker compromised the system was the fact that the attacker could perform several actions as admin or root user (Privileged User) and then delete or otherwise cover his/her tracks. OSA records ALL actions from All users including privileged users, thus even though external threats are already limited by the nature of the OSA solution, even properly authorized privileged user’s actions are unalterably maintained for reporting and visibility.
OSA allows IT organizations to migrate the services as quickly or as slowly as needed without business interruption. Organizations can continue to run their VPN, bring up OSA and migrate users or groups of users based on company priorities until they have migrated all users. During the migration process, users will continue to have access to their applications either through the legacy VPN or the new OSA system. When all target users have been migrated to OSA, the VPN systems can be sunset – reducing risk and mitigating costs.
VPNs have been in existence for a long time and frankly will probably never entirely go away – certainly for some purposes and types of organizations. However, with so much at stake for so many organizations handling sensitive corporate data, financial data, personal data and health records, reducing the attack vectors is imperative and if cost reductions can be obtained at the same time, Oplon Secure Access is simply a “no-brainer”.