By Thyaga Vasudevan
VP of Products, Skyhigh Security


Welcome to our “Ask Me Anything” segment, where we invite our audience to submit security-related questions on LinkedIn or Twitter. Last month, our audience asked that we cover the bandwidth issues associated with Virtual Private Networks (VPNs). As Vice President of Products, I’m just the person to cover this subject.

We’ve been in a time of rapid change in our IT environments as companies shifted from controlled networks to employees working from anywhere. Many found that the architectures in place couldn’t accommodate the scalability and security challenges of a decentralized workforce. According to recent research from McKinsey & Company, 58% of Americans are still working from home at least one day a week, demonstrating that organizations have embraced new working norms that may be here to stay.

The Traditional VPN

When it came to working remotely, the easiest and most reliable solution used to be the Virtual Private Network (VPN). VPNs delivered strong functionality for many years by logically translocating users onto the corporate network.

However, the shift to the modern workforce brought on by Covid-19 made obvious to all what CIOs and CISOs had already known: VPNs had major vulnerabilities and bandwidth limitations. For many enterprises, the first sign of VPN trouble manifested the very day employees needed access to the organization’s private applications. VPNs had not been designed to scale to the volume and distribution of traffic from so many new remote workers, so they couldn’t rise to the occasion. VPNs require routing remote and distributed user traffic to data centers, which creates an inefficient process with slow-scaling appliances and inefficient traffic routing. They also provide inadequate security controls, due to their ability to provide full network access to all users.

How Zero Trust Network Access Enables Work from Anywhere Demands

VPNs grew more and more ineffective when devices accessing them were no longer corporate-approved. Another problem is over-provisioned access: a 2021 study by CloudKnox reports that 90% of users in a VPN were using less than 5% of the granted permissions. IT leaders have been rethinking the traditional user experience and access model, and are increasingly turning to a Zero Trust Network Access (ZTNA) approach to enable their hybrid work environment.

With ZTNA, organizations can go beyond data access and focus on data use, allowing teams to collaborate on private apps without sacrificing security. It offers stronger access control and unified policies using Zero Trust principles, along with other advantages over VPNs:

  • Infinite Cloud Capacity: ZTNA is built natively in the cloud, residing in a single location in a cloud network from which traffic is routed. This is what makes ZTNA scalable and VPNs a security measure of the past.
  • Seamless App Connectivity: With ZTNA, there is no backhauling or complex network routing required. Users can visit a private app by just going to a URL as if it were a public website. Remote users experience lower latency and the ability to seamlessly connect to apps hosted in a public cloud, from a global network of Points of Presence. This dramatically increases bandwidth.
  • Enforces Zero Trust: ZTNA enforces the right user, the right device and the right permissions. Everything is authenticated, authorized, and continuously validated wherever it is found. ZTNA works with granular permissions based upon a user’s unique identity, and reviews individual devices for upgrades or instances of malware.

Are VPNs’ Days Numbered?

There are still plenty of applications sitting behind VPNs, both HTTP-based and non-HTTP-based. According to a study from Security.org, a quarter of the respondents used VPNs for business reasons only while 15% were using VPNs for both personal and business reasons. Small businesses were also using VPNs for their security needs. From an organization's perspective, transitioning from VPN to ZTNA can provide scalable cloud capacity to help solve the bandwidth management issue.
