• The new VPN workplace

    The global pandemic has forced a seismic shift in how and where work gets done, and for now it’s unclear when workers will be able to return to the office. According to a recent Gartner survey, 317 CFOs and finance leaders don’t think that it will be anytime soon. 74 percent also expect teleworking to outlive the pandemic and plan to move at least 5 percent of their previously on-site workforce to permanently remote positions after the pandemic ends.

     

    For decades, organizations have relied on VPNs to provide employees the ability to perform their jobs securely while out of the office, but VPN budgets have generally supported about one-third of workers using VPN services at any one time.

     

    In mid-March, VPN providers reported that traffic soared over 40 percent worldwide, peaking at 65 percent in the United States, days before the signing of the $2 trillion stimulus package. Some enterprises conducted stress tests on their networks (i.e., bandwidth capacity, VPN stability) before allowing the majority of their employees to work from home. Others scrambled to implement VPNs or buy more licenses. In a study conducted by OpenVPN, 68 percent of employees from 300 different U.S. companies claimed that their company expanded VPN usage in response to Covid-19, and 29 percent of employees became first-time users.

     

    While VPNs are relatively quick and less expensive to implement than a network architecture reboot, VPNs are not a panacea. The encrypted VPN communications and data tunnel still adhere to the basic premise that there is a protected perimeter a remote user needs to tunnel through to gain local access privileges to enterprise resources. VPNs also don’t prevent lateral movement or eliminate insider threats.

    Know more @ AWS architecture

    CISOs worry that IT personnel might cut corners when implementing VPNs, ignoring crucial security policies. They also worry about security analysts becoming fatigued by an increasing number of alerts, many of them false positives. Like the harp that woke up the sleeping giant in Jack and the Beanstalk, the sharp rise in VPN traffic has roused advanced persistent threat (APT) groups to curate new payloads and exploit existing vulnerabilities.


  • Commentaires

    Aucun commentaire pour le moment

    Suivre le flux RSS des commentaires


    Ajouter un commentaire

    Nom / Pseudo :

    E-mail (facultatif) :

    Site Web (facultatif) :

    Commentaire :