Zscaler’s ‘2021 VPN Risk Report’ has found that 72% of organisations are planning to move away from virtual private networks (VPNs) in favour of a zero-trust model.
67% of respondents are considering using remote access alternatives instead.
Chris Hines, director at Zscaler, is glad to see that enterprises understand the value of zero-trust architectures and their security benefits.
He believes that the more secure approach is to eliminate network access and replace it with direct application access.
He said that the way to do this is to employ cloud-delivered zero-trust access services.
Last year saw a trend of shifting work to a remote location.
While some businesses will keep such arrangements, others are exploring a more hybrid approach, reports Timur Kovalev, CTO at Untangle.
One problematic aspect of remote work and an increasingly distributed workforce is security.
Dor Knafo, CEO and co-founder of Axis Security, believes that running applications over a VPN creates vulnerabilities.
This is due to VPNs being inherently open networks.
Knafo added that VPNs tend to be overly permissive, providing too much trust in the user once the point of authentication has been completed.
On the other hand, cloud-based zero-trust network access alternatives differ in the way that they work and therefore minimise the risk of an attack.
Furthermore, they allow for continuous security monitoring.
Kovalev pointed out that access is not granted unless it is deliberately given.
The report from Zscaler also found that:
- 93% of respondents have deployed VPN services despite being aware that cybercriminals can exploit them to attain access to network resources.
- Respondents believe that social engineering is the most concerning attack vector (75%), followed by ransomware (74%) and malware (60%).
- 77% of respondents say that their workforce will be hybrid, with greater flexibility for remote workers.