Your MSP clients want their workflow and data to be secure, and some of them have, over time, invested heavily in on-premise networks that they are now accessing remotely via VPN. VPNs that were not designed to handle the increased usage of sending everyone to work from home. We commend your tech leadership with those clients. It’s often hard to get business leaders (especially of startups and small companies) to see the value of investing in technology. That is exactly what many of you had to do during the initial days of the pandemic. Many small businesses have returned to the office, at least partially, but many are in a hybrid work schedule (like 3-2-2) that seems it may become the new normal. Is now the time we should be re-thinking how we access our data and applications?
As their systems age and employees are working from home more, could the money invested in on-site technology assets and VPN access be better spent?
Why are we still using VPNs in 2021?
The general answers to this question surround topics such as familiarity for users and ensuring the security of the business network. Even compliance to HIPAA and FINRA is still used in the pro/con assessment of whether VPNs still have a place in business workflow. Maintaining data governance and privacy is a paramount concern to any size business and will become even more so.
VPN access to in-house company servers has served as a reliable stop-gap measure as cloud technology matured. But now that cloud-based virtual machines and data access is used securely by companies every day, is that stop-gap measure still the best expenditure of money and a good option for data security?
COVID-19 Didn’t Help Matters in the Judicious Use of VPN For Business
In the rush to get everyone working from home in the wake of pandemic lockdown orders, companies with traditional on-site IT infrastructure turned to employee VPN access as a solution to their new remote workflow challenges – but maybe not the best solution.
The question of VPN and on-premise servers vs. cloud-based applications/workflow is likely one that your MSP is now having with clients in your quarterly business reviews.
This article is intended to give you some “talking points” on the side of helping your clients see the potential security vulnerabilities and business disadvantages of VPN technology. Of course, we are discussing VPNs in general, and not every one of our “talking points” may apply to your client’s current VPN configurations.
Let’s get started.
The Business Disadvantages of Using VPN to Connect to On-Site Servers
Lag time is a well-known problem with VPN workflows. The simple math of distance shows that it will often take longer for a data packet to reach your in-house server than a closer, cloud data center. The lack of bandwidth availability in a VPN service also plays a role in this slower-than-ideal scenario. Unfortunately, it is productivity and client margins that suffer.
The speed challenges that we have already addressed bleed into our discussion on accessing, using, and editing large files using a VPN. In a cloud workflow scenario, individual parts of files can be accessed and edited within the cloud. A VPN, on the other hand, has to download an entire file so you can work on it and then upload that entire file back to the server. This, as you can imagine, slows down the entire process.
You undoubtedly have had the CAPEX vs. OPEX conversation with your MSP clients regarding their on-site IT hardware. The discussion around the cost of a good VPN should be factored into that conversation as well. Not only does their on-site server cost them money at the time of purchase and for ongoing maintenance, but the ongoing cost of a good VPN is part of the equation they must consider when doing their pro-con analysis of moving to cloud-based virtual workflow.
In addition, unless you deploy (if even an option) redundant internet connections from separate carriers, you risk having a single point of failure. Internet outages are not uncommon and redundancy can be expensive.
- More Challenging to Scale
VPN technology is more cumbersome in the new employee provisioning process than two-factor authentication credentials for cloud workflow. It’s easier – and therefore faster and more cost-effective – to expand using cloud file and applications than VPN and an on-site server.
The End User Disadvantages of VPN Technology
- Noticeably Slower Work Processes Than On-site
- Trouble Establishing VPN Connection
- Frustration of Restarting Web or App Sessions - when VPN drops
- Complex Initial Setup – compared to cloud-based app logins
Security Challenges of Using VPN for Business
The creation and enforcement of policies to protect the user’s credentials is time consuming and more management/maintenance work.
- Endpoint and Mobile Device Management
Offsite access to internal servers necessitates the extra step of locking down the endpoint devices used by employees.
Without strict least privileged access, firewalls, network segmentation, and switches, a VPN user has full access to the company network. This voids the goal of role-based access protocols.
Conclusion:
VPN technology isn’t designed well for small to mid-size businesses that are distributed. VPN bandwidth is a problem, and unless your client has multiple ISPs, their VPN becomes a “single point of failure” vulnerability.
The Egnyte team would like to encourage you to consider Egnyte Connect as a superior alternative to VPN technology for file access and use. Our cloud-based solution is constantly updated against present and horizon-level threats and is used with confidence by MSPs across the globe. Give us a call or send an email to connect with one of our MSP service representatives.