Techradar published a piece recently on how VPN security is causing businesses a lot of headaches; mainly because there is often a lack of security when using legacy VPN services. In a survey, highlighted by the article, although businesses around the globe have looked to the use of VPN services as a way to enable employees to stay connected and work from home during the pandemic, nearly two thirds of the survey respondents indicated that inadequate security was the number one concern and pain point with using VPNs. Despite other concerns such as cost, performance issues and reliability of services, security remained at the top of the list, with almost 40% of those responding believing that their corporate network had already been breached by bad actors. According to the survey, although many organizations revealed that they were not completely sold on utilizing VPN service going forward as a normal part of their operations, 86% of those responding said that they would consider other alternatives if they could offer improvements in terms of security, configuration and management, cost, performance and availabilty. These respondents also said that if there was an alternative that could limit remote users’ access to specific applications or services without creating a network attack surface, they would immediately embrace this option.
The Techradar article really serves to provide additional support to what Wedge has been stating for a long time and reinforces the warnings that we have brought up about the lack of security with legacy VPNs and the potential implications that some organizations may face when considering things such as VPN Split-Tunneling. The COVID pandemic greatly sped up the process and timeline for many companies who had been considering the move to allowing even just a portion of their workforce to a Work From Home (WFH) environment. Unfortunately, because of the need for companies to quickly put infrastructure in place in order to allow their workers to work remotely under government imposed lockdowns, many of these organizations were ill-prepared to deal with the security ramifications that simple legacy VPNs would introduce into their networks.
Although VPNs were initially put in place to allow workers to access documents and other content from their corporate networks, this was originally set up to service perhaps 5% of the workforce. When the pandemic hit, the numbers quickly shot up, with organizations requiring VPNs to service 95% or more of their workforce. This surge in usage revealed legacy VPNs’ stress points and limitations and quickly opened the doors for hackers to utilize these vectors of attack and to use them to their advantage. VPNs had provided some amount of security by allowing employees to use private tunnels to access their corporate networks; however, because of the lack of any sort of network security on their home networks, malware that was able to find its way onto these personal computers could then potentially use these VPN tunnels to propagate onto the corporate networks. This increased attack surface has been causing the huge headaches that IT staff have had to deal with.
Thankfully, there is a solution and that solution is Wedge Absolute Real-time Protection (WedgeARP). The key to the problem, being faced by so many organizations out there using legacy VPNs, is to make sure that there is a solution in place that is scanning the traffic going through the VPN tunnels; ensuring that all content is malware free, without causing any networks slowdown. And that is what the WedgeARP platform does and how it is able to provide the real-time threat prevention that is so sorely needed by organizations using VPNs. By situation itself into the network infrastructure itself, WedgeARP uses Deep Content Inspection to reassemble packets into actual content in real-time that can be scanned by multiple levels of AV services that are orchestrated on the platform, including AI and machine-based services that can detect zero-days and never-before-seen malware. Because WedgeARP is seeing content as it flows in both directions, it can detect malware that may have found its way onto the endpoint because of an unsecured home network and block it before it has a chance to work its way through the VPN to breach the corporate network. Managed through a single pane of glass, WedgeARP can provide IT staff with actionable intelligence that it can use to determine where attacks are coming from and where they are being directed to. As well, because WedgeARP can orchestrate a wide variety of security services, security policies such as limiting remote user access to specific applications and services can be put in place for all users; further reducing the attack surface for the corporate network. As Techradar mentioned, users have been looking for an alternative to the lack of security on legacy VPNs and WedgeARP is that secure alternative. To learn more about how WedgeARP is securing the WFH environment by providing much-needed VPN security, contact our team at: info@wedgenetworks.com.
