Once the staple for securing employees working remotely, VPNs were designed to provide secure access to corporate data and systems for a small percentage of a workforce while the majority worked within traditional office confines. The move to mass remote working brought about by COVID-19 in early 2020 changed things dramatically. Since then, it has become the norm for large numbers of employees to regularly work from home, with many only going to the office sporadically (if at all).
VPNs are insufficient for the remote working and hybrid landscape, and an overreliance on them to secure large numbers of employees working from home poses significant risks. “VPNs originally helped companies manage a few employees or third-party contractors who needed remote access to certain systems while working remotely,” Joseph Carson, chief security scientist and advisory CISO at ThycoticCentrify, tells CSO. He adds that it has also led to negative impacts on employee productivity and user experience, all adding to increased friction.