It’s time to replace legacy VPNs with Zero Trust Network Access. Here’s why
At TechSparks 2021, Adam Boynton, Regional Sales Manager, Wandera, a Jamf company, explains why businesses of all sizes are accelerating the switch from VPNs to Zero Trust Network Access.
Founded in 2002, Jamf is a recognised tech leader that creates IT software that manages Apple devices. It serves more than 57,000 organisations, managing over 25 million devices, including 24 of the 25 most valuable brands across industries all over the world. In addition to Apple, the company has also expanded its offerings to support Windows and Android.
In July 2021, the company acquired Wandera, a leader in Zero Trust Cloud Security and Access. With the acquisition, Jamf is uniquely positioned to help IT and security teams confidently protect devices, data, and applications while extending the intended Apple experience through the most robust and scalable Apple Enterprise Management platform in the market.
At YourStory’s TechSparks 2021, India’s most influential startup-tech conference, Adam Boynton, Regional Sales Manager, Wandera, a Jamf company, highlighted why there is a need for a Zero Trust Network Access model and how it can deliver value for companies.
More than half of all internet traffic is associated with a mobile device. And with so many organisations taking to hybrid work, mobile is now part of a normal workday for most employees.
Business applications are following a similar path, transitioning out of the data centre into the cloud. Today, more than 85 percent of business applications are being hosted in cloud platforms, which increases business agility and makes employees more productive than ever.
The fundamental challenges with VPNs
“The way IT services are delivered and consumed has fundamentally changed enterprise security. With significant advances in cloud computing and mobile technologies, data is no longer constrained to corporate data centres, which obviously means the enterprise perimeter has fallen,” Adam explained.
He shared that while the virtual private network (VPN) has traditionally been the way businesses enabled access for their employees, it is now becoming a legacy solution.
A critical flaw of the VPN is that it is insecure by design.
“VPN tools typically connect users to remote network segments that house multiple applications. This means any user or an attacker that can get onto the network to access a single application can also access everything else within the network.”
Large VPN deployments are also complex to manage, in some cases needing large dedicated teams. The other most often overlooked challenge with VPNs is their impact on productivity. In addition to slowing connection speeds, a VPN significantly drains the device’s battery.
“VPNs were not designed with end-users in mind,” Adam shared, going on to explain why Zero Trust Network Access becomes the most sought-after technology to replace a legacy VPN.
Understanding Zero Trust Network Access
Zero Trust Network Access is fundamentally an IT security model that requires strict verification of every individual device that attempts to access sensitive resources on the network, no matter where they are located.
“The first principle of Zero Trust Network Access is trust no one,” Adam said.
Adam also explained how the identity and authentication of an end-user is a cornerstone of the model.
“So, one way to think of Zero Trust Network Access is that it creates and manages individualised perimeters containing two entities - the user and the application with which they are interacting. So before connecting to an application, the user and the device must authenticate and verify they have permission to access that particular application.”
For example, an organisation that maintains multiple applications would use Zero Trust Network Access to force user devices or workloads to be authorised separately for access to each application.
In addition to the strict controls on user access, Zero Trust Network Access systems must be device-aware and require assurances that every device is authorised. By denying connections for anonymous devices, the attack surface is ultimately further minimised.
Advanced zero-trust security models also incorporate risk assessment of each device, leaving nothing to chance. These, he noted, were some of the big factors that are accelerating the switch.
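The contrast described above, as an added example that is not from the talk or from any Jamf product: a legacy VPN exposes every application on a segment to any connected user, while a per-application decision checks the user, the device and the device's risk on each request. All user names, device IDs, application names and the risk threshold are constructed assumptions.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Request:
    user: str         # authenticated identity ("" if anonymous)
    device_id: str    # device identifier ("" if unknown)
    app: str          # application being requested
    device_risk: int  # 0 (clean) to 100 (compromised); constructed scale

# Constructed sample data, all names hypothetical.
SEGMENT_APPS = {"payroll", "wiki", "build-server"}  # apps behind one VPN segment
VPN_USERS = {"asha", "ravi"}
ENROLLED_DEVICES = {"laptop-01", "phone-07"}
APP_ENTITLEMENTS = {"asha": {"payroll", "wiki"}, "ravi": {"wiki"}}
MAX_RISK = 40  # assumed risk threshold

def vpn_reachable(req):
    """Legacy model: once on the segment, every application is reachable."""
    return set(SEGMENT_APPS) if req.user in VPN_USERS else set()

def ztna_decide(req):
    """Per-application decision: user, device and risk are checked every time."""
    if req.user not in APP_ENTITLEMENTS:
        return False, "unknown user"
    if req.device_id not in ENROLLED_DEVICES:
        return False, "device not authorised"
    if req.device_risk > MAX_RISK:
        return False, "device risk too high"
    if req.app not in APP_ENTITLEMENTS[req.user]:
        return False, "user not entitled to this application"
    return True, "allow"

def ztna_reachable(req):
    """Applications this user and device could reach under per-app checks."""
    return {app for app in SEGMENT_APPS if ztna_decide(replace(req, app=app))[0]}

if __name__ == "__main__":
    ravi = Request("ravi", "laptop-01", "wiki", device_risk=10)
    print("VPN :", sorted(vpn_reachable(ravi)))
    print("ZTNA:", sorted(ztna_reachable(ravi)))
    for r in (replace(ravi, device_id="kiosk-99"),
              replace(ravi, device_risk=80),
              replace(ravi, app="payroll")):
        print(r.device_id, r.app, r.device_risk, "->", ztna_decide(r))
```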
In fact, Gartner predicts that by 2023, 60 percent of businesses will phase out their VPNs and replace them with Zero Trust Network Access.
Why CXOs should look into investing in Zero Trust Network Access Solutions
Addressing IT leaders, Adam said that, in addition to modernising an organisation’s approach to cybersecurity, increasing business resiliency, fostering end-user productivity, and enabling faster deployment of new applications, Zero Trust Network Access also helps to decrease operational cost.
“Firstly, the direct cost of using a cloud-based Zero Trust Network Access solution is typically half that of a traditional remote access solution.”
Adam also emphasised that a Zero Trust Network Access solution is about more than just security. Unlike other security solutions, these solutions improve the agility and flexibility of the business while also decreasing costs. He noted that an added advantage to consider is that the actual cost of the migration is very small, driven by its cloud-based architecture and a scalable licencing model.
Secondly, Zero Trust Network Access works in parallel with existing remote access technologies while they're being phased out. This model allows organisations to very successfully deploy new applications or critical applications via Zero Trust Network Access solutions whilst leaving the majority connected via the legacy solution already in use.
Then, as business applications are upgraded or moved to the cloud, they can easily be migrated to Zero Trust Network Access solutions.
So, in contrast to many old technologies that run on applications hosted in the data centre, Zero Trust Network Access solutions, being SaaS-based, do not require hardware to monitor, software to patch or update, or rack space rented in a data centre for an existing remote access appliance, resulting in an immediate cost reduction.
As a cloud-based service, all operational tasks are performed by the provider who ensures that the service is maintained to enterprise-grade standards.
Adam shared that because Zero Trust Network Access solutions decrease the complexity of the technology stack, the number of hours spent during the design of the deployment will reduce significantly. This would have an incremental effect and yield substantial savings over several years.
Zero Trust Network Access solutions are truly built to enable the modern workplace and its remote working environment, Adam said.
Edited by Teja Lele