kentoh - Fotolia
In early 2020, many IT departments rushed to handle the major uptick in remote employees due to the COVID-19 pandemic. For the most part, administrators pulled off the impossible and successfully provided the digital resources their employees needed. As the rush subsided, IT leaders began to look at how they can better support and manage remote employees in the event that the pandemic forces staff to stay away from the office longer than anticipated.
For IT teams going through this exercise, one of the first questions they must ask is: What is the best way to deliver business applications and services to remote employees? While this question has no right or wrong answer, most teams have narrowed their options down to two technologies: VPNs and cloud services -- particularly, public cloud.
Let's look at how VPN vs. cloud services stack up from a remote workforce perspective and when organizations should use them.
How do VPNs work?
VPNs have been around for decades. Remote employees use VPN software to remotely and securely connect into their corporate networks. Employees accomplish this through authentication, with a username and password or either two-factor or multifactor authentication. Once authenticated, the VPN head-end appliance at the corporate internet edge determines what access to grant the user on the network. Administrators restrict what end users can and cannot access based on their job roles.
VPNs are necessary for organizations that manage applications, data and digital services inside corporate networks. VPN tunnels have been the go-to technology to safely connect and access these internal resources.
Future of remote work comes into VPNs vs. cloud debate
Because of the proliferation of public cloud computing resources, like SaaS, the VPN's importance is decreasing. Remote workers can access public cloud resources directly from the internet, so employees don't require VPNs in these situations. Third-party public cloud environments handle all authentication and authorization.
Currently, many businesses find themselves in what's known as a hybrid cloud architecture. This means they moved some applications, data and services to public cloud environments, while other resources remain in private data centers. Users that need access to applications and data that reside inside the company network will still require VPN technologies.
For forward-thinking IT leaders, however, the goal is to eliminate the need for aging VPN systems that cost time and money to manage. To reach a point where a business no longer needs a VPN, the business must move all remote work applications and services to public cloud environments. For some organizations, a cloud-only architecture is a lofty and far-off goal.
But, as remote workforces may remain the norm for the foreseeable future, this trend may accelerate further migration of applications, data and services into cloud environments.
Dig Deeper on Network Security
Related Q&A from Andrew Froehlich
An IAM system introduces risks to the enterprise, but the consensus is the benefits of IAM outweigh the drawbacks. What are some of the issues that ... Continue Reading
The network edge is where an enterprise network connects to third-party network services. Edge computing is a distributed architecture that processes... Continue Reading
PAP uses a two-way handshake to authenticate client sessions, while CHAP uses a three-way handshake. Both authentication processes are common, but ... Continue Reading