Skip to content

VPN –使用“ Em”還是不使用“ Em”,情況會更好嗎?

Do VPNs make you more or less secure? This is a question many companies found themselves asking in 2019. From emerging reports of hacked VPNs to the rise of Zero Trust, VPNs were subject to much scrutiny in the last year of the 2010s. VPNs have been considered a key element of network security since the 1990s when companies began installing them to create secure connections between internal networks and outside users. But the world has changed since the 90s, as you might have noticed. Back in the 90s and early 2000s, the people using your corporate VPN were your employees. If they wanted to work while out of the physical office, they would log on to the company VPN and get access to resources as if they were working in-office. Today, trends like the gig economy and the use of third parties means that there are lots of outsiders accessing your network via VPN connections. This method offers no granularity, thus granting these external entities a direct access path into all internal resources. This creates a huge potential attack surface—and scarily, there’s little way to guarantee that users are legitimate. Moreover, at this past August’s Black Hat Conference, researchers performed a POC in which they exploited vulnerabilities in two major VPN providers. Then just a few days later, malicious attackers used that same code to hack the VPN provider’s customers. So not only did VPNs not keep their users safe, in some highly publicized incidents, they made their users less safe. Ouch.

Here Comes Zero Trust

But far more detrimental to VPN’s reputation has been the rise of Zero Trust. Zero Trust is not a “tool” or a “solution”. Rather it’s a strategy that posits that everything and everyone trying to access resources must be verified, whether they sit inside or outside your network. The traditional castle and moat, or “inside perimeter = trusted, outside = untrusted” approach doesn’t work in our complex and fluid work environment today. Thanks to the myriad of high profile breaches over the last few years, it’s clear that Zero Trust is the only way forward in security. And VPNs cannot verify anything, putting them at odds with a Zero Trust strategy. But if Zero Trust isn’t a tool per se, how are companies going about implementing it? We already understand that to adhere to Zero Trust, everything—everything—needs to be verified before being granted access to any resources and applications. One solid way to implement this is with a Software Defined Perimeter or SDP. SDPs allow organizations to provision secure access to applications only once certain criteria are met. If they are not met, the requesting party is denied access. This is a true Zero Trust architecture.

Should You Rip and Replace Your VPN?

But wait; Does this mean you should ditch your VPN and shift your application access over to an SDP? While some SDP-only proponents will shout a resounding “YES!”, that’s not necessarily the only solution. Moving over to a full SDP deployment is a huge step, one that is surely beneficial and wise in the end—but one that should be undertaken with carefully planned baby steps to ensure you get it right. And in this sense, retaining your VPN while getting started with SDP actually makes a lot of sense. For starters, they still fulfill their purpose of allowing you to securely connect to internal networks when off site via strong end-to-end encryption. Additionally, there are some risk-averse environments where ripping and replacing what you’ve already got isn’t an option. Many organizations simply want a safer, less aggressive way to incorporate SDP into their already existing architecture that also retains the benefits of their VPN.

SDP and VPN — Better Together

Now you can adopt a Zero Trust SDP architecture without getting rid of your VPN. Safe-T’s SDP enhances VPN security by adding SDP capabilities, allowing access to applications and services only after trust has been verified. Deploying SDP on top of the existing VPN offers a customized and scalable zero trust solution—with all the benefits of SDP while lowering the risks involved in adopting a new technology. It’s ironclad Zero Trust, with no changes to your users or how they access resources, as they can continue using your VPN client. So what’s the answer to whether or not VPNs make you more secure or not? The answer is that it depends; are you using it as part of a comprehensive Zero Trust strategy? If you are, you can rest assured that you’re more secure with it. Want to learn more? Click below to scheduele a demo.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Safe-T® Group Ltd.
Safe-T Group Ltd. (Nasdaq, TASE: SFET) is a provider of Zero Trust Access solutions which mitigate attacks on enterprises’ business-critical services and sensitive data, while ensuring uninterrupted business continuity. Safe-T’s cloud and on-premises solutions ensure that an organization’s access use cases, whether into the organization or from the organization out to the internet, are secured according to the “validate first, access later” philosophy of Zero Trust. This means that no one is trusted by default from inside or outside the network, and verification is required from everyone trying to gain access to resources on the network or in the cloud.

Safe-T’s wide range of access solutions reduce organizations’ attack surface and improve their ability to defend against modern cyberthreats. As an additional layer of security, our integrated business-grade global proxy solution cloud service enables smooth and efficient traffic flow, interruption-free service, unlimited concurrent connections, instant scaling and simple integration with our services.

With Safe-T’s patented reverse-access technology and proprietary routing technology, organizations of all size and type can secure their data, services and networks against internal and external threats.