Having the right connections: Are VPNs really fit for purpose?
Article by OneLogin global director of solutions engineering Stuart Sharp
Remote working has fast become commonplace in today’s business landscape.
Free from the stress of the modern-day workplace, employees are increasingly keen to opt for the laptop and crack on with work uninterrupted, all from the comfort of their own home. In fact, the Office for National Statistics (ONS) last year predicted that half of the UK workforce will be working from remote locations by 2020, many of whom cited how the increased flexibility can benefit their private lives.
Not all business owners are convinced. Many tech goliaths, such as HP, IBM and Yahoo, have recently rescinded the option for their employees to work from home, inciting an ‘if you don’t like it, leave’ approach.
The reality is that for many companies, having a high percentage of employees working from home just isn’t the same as having an office full of busy employees, and it’s mostly down to the ease with which employees can access corporate applications remotely. The Virtual Private Network (VPN) was created to resolve this issue and provide a secure link between an employee, at home or on the road, to the corporate network.
In fact, almost half (48%) of UK IT professionals surveyed by OneLogin require employees to use VPNs when working remotely. However, with 30% receiving frequent complaints that the use of a VPN slows down remote network access, many organisations are struggling to find a balance between productivity and security.
The survey also found that half of remote workers spend up to one day per week connected to unsecured networks in an effort to circumnavigate VPNs and get on with their job, leaving organisations open to a host of cyber threats.
With ‘not fit for purpose’ VPNs, organisations are inadvertently making remote working impossible. The creativity, productivity and efficiency benefits that remote working originally boasted are being buried under a sea of stressed remote employees and IT teams battling complaints.
Organisations have outgrown the outdated tech they still rely on and can no longer afford to use unreliable VPNs that encourage employees to flaunt security best practices. If employees continue to favour unsecured networks, a cybersecurity catastrophe is just around the corner, particularly with the deadline looming for the EU’s General Data Protection Regulation (GDPR) on May 25th, 2018.
Under GDPR, if data gets into the hands of cybercriminals as a result of neglect or employee ignorance, businesses could be faced with penalties that start at €10 million and can go up to as much as €20 million or 4% of a business’s annual turnover, whichever is higher.
While having a fully cloud-based strategy seems ideal for many, it isn’t always easy to realise. Many organisations, and particularly enterprises, are battling with a hoard of on-premise legacy IT systems. But the reality is that they simply can’t just move everything into the cloud overnight. IT policies and end-point management strategies need to account for both cloud and on-premise IT infrastructures. Neglecting either of them is not an option.
In order to evolve, businesses are on the hunt for a low-maintenance solution that handles employee provisioning and deprovisioning (when employees leave a company), while also improving security and reporting. To meet this demand, Identity and Access Management (IAM) providers need to step-up to the plate and offer solutions that manage both on-prem and cloud environments from one unified platform.
So how can companies make this a reality?
Regardless of whether companies deploy more on-premise or cloud applications, having one unified access management platform will simplify and manage access in real-time. Coupling this with a smart IAM system that can power intelligent authentication tools, bolster security measures and increase functionality for end users will only propel industries towards digital transformation in a safe and secure fashion. In today’s competitive landscape, business efficiency and agility are necessities -- and safe and effective remote working has a key role to play going forward.