How Secure Are VPNs? Given Increasing Successful Attacks, It’s Time to Take a Hard Look at PAM for Zero Trust Solutions
By: Mohie Ahmed
Since the early 1990s, VPNs (Virtual Private Networks) have been central to providing remote users with access to the corporate network.
Thirty years later, in 2020, when legislation and population health initiatives mandated work-from-home, bad actors recognized and acted upon their massive opportunity to attack VPNs and initiate data theft and ransomware attacks as applications, in the heat of the moment, moved outside the traditional perimeter.
“Corporate VPN is an aging technology as organizations shift to more cloud-based services…However, in the wake of the global coronavirus pandemic, companies are realizing they have to fundamentally change the way they work,” wrote Rob Smith, Senior Director Analyst, Gartner.
VPN became the heart of remote access, but with only a small fraction of workers working outside of the office, only recently have CIOs and other IT leaders seen VPNs as a source of risk, leading IT decision-makers to reassess their long-term access strategy and use of VPN.
Due to the COVID-19 pandemic, the use of VPNs skyrocketed, expanding the enterprises’ attack surface.
A Cybersecurity Insiders 2021 VPN Risk Report surveyed 357 cybersecurity professionals, providing insight into the current remote access environment, the state of VPN within the enterprise, the rise in VPN vulnerabilities, and the role that zero-trust will play in enabling access to apps going forward.
- 93% of companies are leveraging VPN services, yet 94% are aware that cybercriminals are targeting VPNs to gain access to network resources.
- 72% of organizations are concerned that VPN may jeopardize IT’s ability to keep their environments secure.
- 67% of enterprises are considering a remote access alternative to a traditional VPN.
- 72% of companies are prioritizing the adoption of a zero trust model, while 59% have accelerated their efforts due to the focus on remote work.
There is no question that enterprises and organizations will need to support remote work as more employees and managers opt-in to the work-from-anywhere model. This dramatically adds to the burden of IT security teams, who are already overwhelmed, and now must make sure who is accessing their applications, from what devices, and from where.
We all felt the impact of the COVID-19 pandemic, including the surge in remote workers, which, according to the report, forced 71% of companies polled to increase their VPN capacity.
Increasingly large and pervasive VPN-targeted attacks by cybercriminals have, in part, been made possible by the lack of Privileged Access Management (PAM) essential services, such as enabling access without exposing superuser/system credentials or auto changing shared/system passwords and making them invisible to users, which leads to unauthorized access to network resources or late discovery of a breach. According to IBM, the average time to identify a breach in 2020 was 207 days.
The adoption of a zero-trust strategy through Zero Trust Network Access (ZTNA) has rapidly gained adoption in recent years, starting well before COVID-19 with the general increase of mobile workers.
The CyberSecurity Insiders report confirmed that zero-trust adoption has become a priority for many organizations, with 72% of companies interviewed sharing their plans to adopt a zero-trust model.
“The shift to zero-trust and work from anywhere has been a catalyst to changing how organizations protect remote access,” the authors explained. “When asked about their outlook for remote access, 77% of organizations say their future workforce will be hybrid, with greater flexibility for users to work remotely or in the office.
Fast forward to 2022; what does remote access look like at your company?
Employees have greater ﬂexibility to work remote during the week
15% Employees are now fully remote
8% Employees have returned to solely working in the office
While VPN has benefited from 30 years in the spotlight, the increase in VPN-targeted attacks, along with the continued shift towards mobility and cloud, has impressed on organizations the need for change in their secure remote access strategy, one built upon a foundation of zero trust principles.
In conclusion, here are the key takeaways:
With remote work expanding, users are everywhere, accessing apps from any device, and are accessing apps both in the datacenter and cloud.
VPNs are increasingly risky as socially engineered, ransomware, and malware attacks continue to advance, exposing the business to greater risk.
Businesses are concerned about VPN’s level of security and are looking to adopt a modern remote access approach, namely a zero trust model.
PAM is a mission-critical part of a robust IT security strategy, enabling enterprises to protect what they connect. It’s one thing to develop tools for a hybrid workforce and another to deliver ultra-secure remote access.
Zero-Trust can be combined with Zero-Touch, with the right level of AI and machine learning, with the right human-machine interfaces, and architectures that scale to support more automation driving more productivity while addressing risk by ensuring only those who should access corporate resources can access them.
As Cyber Attacks Grow, Data Center Operators Can Bring Value-Added Services to Enterprises Leveraging Cloud-Based Access Management Services
No threat facing businesses today has grown as fast, or in a manner as difficult to understand, as the danger from cyberattacks. Cyber threats are increasing in both volume and sophistication, and as the world continues to become more digital with every passing day, cyber threats will only keep growing in both aspects. As a result, organizations today are turning to robust cybersecurity solutions, such as Privileged Access Management (PAM), to keep both their data and their customer’s data safe.
Privileged Access Management as a Service: An Exciting new Value-Added Service for Data Center Service Providers
Given the increasing complexity of compliance, and the growing risk of data breaches, even as public cloud, hybrid cloud, and multi-cloud solutions are being implemented, businesses of all sizes need support in protecting what they connect, and many count on their data center providers for guidance and solutions.
Verizon’s Show-Stopping DBIR 2021 Is A Must Read for Every Cyber Security Professional: Stunning Data Amidst a Surge of Attacks in 2020
Verizon recently released its annual Data Breach Investigations Report (DBIR), which provides valuable insight and analysis into the cybersecurity challenges faced by organizations. The report this year analyzed 29,207 security incidents, with data coming from 83 contributors and victims spanning 88 countries, 12 industries, and three world regions, which found a confirmed 5,258 breaches, a 33 percent increase in volume from last year’s report.