Remote work is no longer the exception but the norm in our COVID-19 world. This is unlikely to change even after the pandemic. Already, many companies are adopting remote working policies and reducing physical office space. As companies embrace remote workers, now is the time to rethink your company’s remote access strategy and replace VPNs.
Trouble with VPNs
Virtual Private Networks (VPNs) have been around for 20+ years and were designed to provide remote workers, mobile users, branch offices, and trusted third parties with access to corporate applications and systems. Most companies have some form of a VPN network in place. When COVID-19 hit, companies had to rely on their VPNs for remote access for their workforces.
But VPNs were not designed to meet the needs of a full-time remote workforce. It was for the occasional remote use. Relying on VPNs for full-time remote workers creates several operational and security challenges.
The reality is…VPN technology is old, costly, and resource-intensive. Large corporate VPNs require a lot of IT hours to configure, maintain, and support. Not to mention that licensing costs are expensive. VPNs also have speed issues. VPNs consume up to 20% of a company’s bandwidth. This creates bottlenecks when everyone is working remotely causing systems to run slower.
Beyond the cost of VPNs, they create a significant security risk. VPNs serve as a front and backdoor to your data and applications. Opening up access to your whole network. More importantly, VPNs are designed to trust whoever enters the network. This is why hackers and malicious actors look for VPN misconfigurations and vulnerabilities to exploit. If a hacker gains access to a VPN and privileged credentials, they can move undetected through your network. They can change configurations, access sensitive data and cause serious damage to a business reputation.
With entire workforces using VPNs and companies exploring always-on VPNs, this drastically increases a company’s risk factor.
Replacing VPNs with Remote Access Gateways
According to Gartner remote workforce security is the single greatest imperative for organizations in the wake of COVID-19. Add to that Gartner’s Rob Smith recommendation that companies should not use always-on VPNs (unless absolutely needed). Now is a perfect time to rethink VPNs and remote access strategies.
Privileged access management solutions like XTAM offer an alternative to traditional VPNs – especially for remote users with elevated credentials or privileges. This could be IT and system admins, business users, or third-party users with special credentials.
At its core, XTAM is about managing and monitoring access to systems and data. In addition to all the traditional PAM features, XTAM can be used as Remote Employee Gateway to create a security perimeter across hybrid IT environments. It brokers access using HTTPs to specific resources allowing companies to use their existing identity providers such as active directory (AD), AzureAD, Office365 and MFA vendors including Google Authentication, Duo Security, etc.
As a result, remote users are forced to go through XTAM to access corporate systems. It eliminates the “all or nothing” access approach of VPNs and allows companies to control access at a very granular level using the principle of least privilege. This allows IT to restrict access rights for privileged users (as well as accounts, and computers/applications) to only those resources/permissions required to perform their job effectively. It can also leverage parameters like time of day, physical locations (as determined by IP address), days of the week (workdays) or other combinations. Each account needs specific justification/approvals for accessing the target system for a set time period. With XTAM companies can move towards a just-in-time access approach.
Unlike VPNs, XTAM logs, records, and monitors each remote session. Credentials and passwords are reset after each use for the highest level of security. Reporting and alerts can be used to notify IT of suspicious activities and determine the who, what, where and when. XTAM can also quickly terminate access rights to minimize suspicious activity (or for offboarding remote workers).
XTAM also provides the auditing and reporting functionality required for compliance – something VPNs don’t offer. Any company in a highly regulated industry will need to keep this in mind as they think of long-term remote strategies.
XTAM uses modern architecture, is completely agentless, and is built around the principle of least privileged. XTAM software can be used as a PAM solution or a secure remote employee gateway. Our intuitive user interface makes it easier for customers to implement, manage, and create customize workflows without the need for expensive consulting or services. XTAM is platform-agnostic supporting Windows or Linux, AWS, Azure, Web portals, and multiple RDBMS options. It integrates easily with AD, LDAP, MFA, SSO, and SIEM. XTAM allows users to use familiar tools for remote access or agentless WEB GUI XTAM is available in one affordable platform to help you simplify privileged access management.
As your company explores remote access strategies, consider creating a secure gateway using PAM solutions to manage access, improve security, and reduce your risk. Download a free XTAM trial today.