When your goal is to protect your customers' data and your application infrastructure, paranoia abounds. If everyone and everything you know is vulnerable to being compromised, who do you trust? No one. Especially not your business VPN, which has experienced a major fall from grace.
Ten or 15 years ago, enterprise VPN solutions were the corporate world’s de facto security standard for safe infrastructure access, and over time they became an increasingly popular consumer product. Now the federal government is telling its agencies to never use VPNs, and the business and consumer worlds have seen VPNs play key roles in recent high-profile breaches. A VPN was the entry point for the infamous Colonial Pipeline hack, and a breach of VPN provider SuperVPN led to more than 360 million data records being leaked.
What Happened to VPNs?
Why the reversal in fortune for VPNs? It’s a combination of two things: a shift in the way that people work and the realization that VPNs were never really sufficient in the first place.
VPNs allow users to establish a private connection (or a “tunnel”) with an organization’s network. This is useful for ensuring that outside observers can’t monitor the data sent back and forth between the user and the network. And in the days when just a handful of employees worked remotely, enterprise VPN solutions got the job done.
Or so it seemed, unless you looked closely. VPNs are good at getting users into networks but less good at controlling what users do once they’re inside. Users can move laterally to reach systems at the same security level that they probably shouldn’t have access to. If users need a VPN to reach multiple network components, they may eventually accumulate passwords for every possible component, an issue known as privilege creep. While segmented VPNs provide some additional access control, they fall short of true specificity. The only way to provide highly specific access and keep users from becoming overprivileged is to surround the enterprise VPN with a network of additional security technology. Unfortunately, such a tangle of technologies is time-consuming and costly to set up and maintain (SSH key management in particular).
Even if all of these things worked perfectly for authorized users, malicious actors could still cause trouble. VPNs are difficult to infiltrate, but if someone does get their hands on the necessary credentials, there’s little recourse, as the VPN is the “root of trust” — something that is trusted to properly authorize users. If your root of trust falls, so does your security.
When Replacing Enterprise VPN Solutions with Zero Trust, Don’t Trust Your SSO
Cybersecurity professionals eager to move past the insufficiencies of VPNs for enterprises are adopting zero trust infrastructure access solutions. Every user must be verified and given access only to the targets they are authorized to see. A single sign-on (SSO) provider is a common way to verify each user. But the SSO is a root of trust. If the SSO provider gets breached, bad actors can obtain valid credentials and use them to infiltrate your network.
To avoid having your SSO become your weak point, you can simultaneously verify users with a third party and only grant access when both the SSO and third party verify the user. This security model drastically shrinks the chance of a breach — as both roots of trust would have to be compromised by bad actors at the same time, which is tremendously unlikely.
The Benefits of a True Zero Trust System
Replacing your business VPN with a true zero trust infrastructure access solution with multiple roots of trust provides a sweeping set of benefits that can have a transformational impact on your company’s security and operations.
Chief among the benefits of a modern software-as-a-service (SaaS) solution are greater and more granular security and policy. Unlike with a VPN, you can give users just-in-time access to a specific target and revoke it at any time. You can also grant permissions by role, so if a specific job title needs to reach multiple targets, it’s easy to make that happen without the risk of lateral movement. Advanced monitoring features let you track commands and view session recordings for robust auditing.
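To make the two ideas above concrete, here is an added example of an access broker that combines the dual-root-of-trust check from the previous section with the just-in-time, role-based, revocable grants described here. It is not BastionZero's code and does not reflect how MRZAP is implemented; the two HMAC keys, the user and role names, the policy table and the target names are all constructed for the illustration. Each root (the SSO and an independently keyed second verifier) signs a short assertion about the user, and a target is reachable only when both assertions verify, both agree on the role, and the policy maps that role to the target.

```python
"""
Dual-root-of-trust access decision with just-in-time grants (added example).
Hypothetical code, not BastionZero's. Two independent verifiers each hold
their own key and sign an assertion about the user; the broker grants
access to a target only when BOTH assertions verify, both carry the same
role, and policy allows that role to reach the target. Grants expire and
can be revoked at any time.
"""
import hashlib
import hmac
import json

# Constructed keys for the two roots. In a real deployment neither root ever
# sees the other's key; that independence is what makes a single compromise
# insufficient.
SSO_KEY = b"constructed-sso-root-key"
SECOND_ROOT_KEY = b"constructed-second-root-key"


def _canonical(claims: dict) -> bytes:
    return json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()


def sign_assertion(key: bytes, claims: dict) -> dict:
    """A root signs a canonical JSON encoding of its claims with HMAC-SHA256."""
    mac = hmac.new(key, _canonical(claims), hashlib.sha256).hexdigest()
    return {"claims": claims, "mac": mac}


def verify_assertion(key: bytes, assertion: dict, user: str, now: float) -> bool:
    """Constant-time MAC check, then subject and expiry checks."""
    expected = hmac.new(key, _canonical(assertion["claims"]), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, assertion.get("mac", "")):
        return False
    c = assertion["claims"]
    return c.get("sub") == user and c.get("exp", 0) > now


# Constructed role-based policy: which roles may reach which targets.
POLICY = {
    "sre": {"db-prod-1", "web-prod-1"},
    "developer": {"web-staging-1"},
}


class AccessBroker:
    """Issues short-lived, revocable grants only after both roots agree."""

    def __init__(self, policy, ttl_seconds=900):
        self.policy = policy
        self.ttl = ttl_seconds
        self.grants = {}  # (user, target) -> expiry timestamp

    def request_access(self, user, role, target, sso_assertion, second_assertion, now):
        # Root 1: the SSO. Root 2: the independent verifier. A credential
        # stolen or forged from only one root fails one of these two checks.
        if not verify_assertion(SSO_KEY, sso_assertion, user, now):
            return (False, "sso verification failed")
        if not verify_assertion(SECOND_ROOT_KEY, second_assertion, user, now):
            return (False, "second root verification failed")
        # Both roots must assert the same role so neither alone can escalate it.
        if (sso_assertion["claims"].get("role") != role
                or second_assertion["claims"].get("role") != role):
            return (False, "role mismatch between roots")
        if target not in self.policy.get(role, set()):
            return (False, "policy denies target")
        self.grants[(user, target)] = now + self.ttl  # just-in-time window
        return (True, "granted until %d" % (now + self.ttl))

    def may_connect(self, user, target, now):
        exp = self.grants.get((user, target))
        return exp is not None and exp > now

    def revoke(self, user, target):
        self.grants.pop((user, target), None)


def demo():
    """Walk through the cases a practitioner would want to see. Returns a dict."""
    now = 1_700_000_000
    claims = {"sub": "alice", "role": "sre", "exp": now + 300}
    sso = sign_assertion(SSO_KEY, claims)
    second = sign_assertion(SECOND_ROOT_KEY, claims)
    broker = AccessBroker(POLICY)
    r = {}
    r["both_roots"] = broker.request_access("alice", "sre", "db-prod-1", sso, second, now)[0]
    # A party holding only the SSO key cannot produce a valid second assertion.
    forged_second = sign_assertion(SSO_KEY, claims)
    r["sso_only"] = broker.request_access("alice", "sre", "db-prod-1", sso, forged_second, now)[0]
    r["out_of_policy"] = broker.request_access("alice", "sre", "web-staging-1", sso, second, now)[0]
    r["connect_now"] = broker.may_connect("alice", "db-prod-1", now + 60)
    r["connect_expired"] = broker.may_connect("alice", "db-prod-1", now + 901)
    broker.revoke("alice", "db-prod-1")
    r["after_revoke"] = broker.may_connect("alice", "db-prod-1", now + 60)
    return r


if __name__ == "__main__":
    print(demo())
```

The decisive line is the second `verify_assertion` call: an assertion produced with the SSO key alone is rejected by the second root, which is the property the post attributes to having two roots of trust. The grant table is what makes access just-in-time; `revoke` removes it immediately, and `may_connect` refuses once the window lapses, so a stale session cannot be reused the way a long-lived VPN credential can.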
Logistically, a SaaS provider is much easier to work with than a VPN. A SaaS solution like BastionZero can easily connect with targets, reduce or eliminate the need for password management, and quickly integrate with your SSO. This frees engineers to focus on things that require brainpower rather than spending their time maintaining infrastructure access systems.
How to Move Beyond a VPN
Replacing your VPN is a process that varies based on the zero trust provider you are adopting. However, the transition can be quite straightforward. With BastionZero, setting up our solution requires only three main steps:
- On each user device, install BastionZero’s zero-trust command line interface (ZLI) or the desktop app with a graphical user interface for easy usage.
- On each target, install the BastionZero agent.
- Define policies that determine which users can access which targets.
This simple process is a far cry from the work needed to build and manage a network of additional security around a VPN, and it’s safer as well. Plus, even if you use authentication technologies like SSH keys, you can strengthen your security by integrating BastionZero alongside them.
Preparing for a world where you trust no one may sound grim, but it ultimately saves business resources and strengthens security. BastionZero offers the technology and ease of use needed to transition away from a business VPN and introduce our MRZAP model, which relies on two separate roots of trust to minimize the odds of a breach. Our SaaS functionality saves you time, money, and effort while being easy to set up.