Don’t believe the naysayers. Those sensationalist headlines telling you that the VPN is dead are just plain wrong. The VPN is very much alive. And very much a necessity for any organization that needs to give employees remote access to corporate resources.
The critical distinction is that VPNs are evolving. The ones that most people are familiar with are the old-school hardware-based VPNs built decades ago when employees sat in office buildings. Those solutions weren’t designed with remote work in mind and couldn’t provide IT teams with much information about the device or network usage. These are the VPNs that are dying.
Modern, truly mobile-enabled VPNs are a different breed altogether. With so many people expected to continue working from home even after restrictions are lifted, many organizations are in the process of re-evaluating their remote access solutions.
Optimizing the enterprise VPN experience for IT and end-users
Much like any technology, not all VPNs are created equal. For the enterprise, in particular, VPNs must meet a standard of excellence that reduces the burden on IT and security teams while providing a great user experience for workers who rely on the connection for productivity and efficiency. Here are some standards to consider:
- Device support – Standardization is vital when it comes to networking products. For example, if some of your employees have Mac devices but your VPN vendor can’t support them, it doesn’t matter what other bells and whistles the VPN comes with. Why add complexity to your network by introducing multiple solutions for each use-case? Find a comprehensive solution that’s compatible with all of your hardware and software. Not just for your current needs, but for the future, too. That means Android and iOS as well as Windows and macOS, even if you don’t have an immediate need for a VPN on those devices. If a VPN provider claims to have full support on mobile devices such as Android smartphones, make sure it is truly native and not just shoe-horned onto the device.
- Scalability – As many companies discovered recently, scalability is critical as demand changes. With a hardware-based VPN, growth and bandwidth require more devices. Many companies end up paying for two appliances because of their active-passive set-up. Organizations are naturally risk-averse, meaning that they don’t want to operate any systems that potentially have a single point of failure. Consequently, to get around the sudden demand for the bandwidth, they’re saddled with more equipment that they hadn’t budgeted for. Imagine that your company is growing. You may quickly outpace the physical (or virtual) hardware that you’re using. Look for commodity-based solutions built on something like Windows servers so that you can have almost infinite scalability, allowing me to spool up any number of servers depending on the need.
- Infrastructure – Most legacy VPN providers are moving to hybrid cloud solutions, although for now, it appears that these options are minimal and clunky in their implementation, so buyers: beware. When it comes to VPNs and hardware, the best advice is to stay away. A low initial price tag can quickly add up to an enormous total cost of ownership once you start factoring in upgrades, resource overheads, and scaling. Consider that many platforms require dedicated administrators with specialized skill sets who may be in short supply. Not to mention the fact that hardware takes time to order, install, and get up and running. The burden on medium-sized companies is the greatest. They face considerable IT needs, but they often have limited IT staff. They usually don’t have the resources to pay for outsourcing, which would mean even higher costs.
- Ease of use – IT doesn’t want to implement tools that cause a heavy lift, or that need a lot of end-user intervention or interaction, and they certainly don’t want something that the entire workforce is going to complain about. Ideally, they want the solution to be almost invisible to the user, but accessible to IT for visibility and security purposes. Users also want their devices to work, no matter what network or operating system they’re using.
- Customer support– Often overlooked, customer support is essential. During a POC, contact your customer support to learn how long it takes them to respond. How many people did you have to talk to? Was their recommendation useful and accurate? Remember, if the vendor isn’t able to adequately support you when they’re on their best behavior, it’s very unlikely that you’ll get the level of support you need when it’s crunch time.
It is true that in a decade from now, the enterprise VPN will likely have fully evolved into the software-defined perimeters that adhere to the zero trust principles that mitigate risk from mobile and remote workers. But with 98% of organizations still dependent on at least one on-premise application, the shift to zero trusts will not occur overnight. So, for the time being, the enterprise VPN remains a top priority for the millions of organizations around the world struggling to meet the demand of remote workers. VPN technology is by no means dead; in fact, the proliferation of remote work has reinforced its value even more.