Author: Eric Anthony, director, MSP community and partner enablement, Egnyte
Your MSP clients want their workflow and data to be secure, and some of them have, over time, invested heavily in on-premise networks that they are now accessing remotely via VPN.
We commend your tech leadership with those clients. It’s often hard to get business leaders (especially of startups and small companies) to see the value of investing in technology.
But as their systems age and employees are working from home, could that money invested in on-site technology assets and VPN access to those assets be better spent?
Why are we still using VPNs in 2022?
Sure, the general answers to this question surround topics such as protecting in-transit data and ensuring the security of the business network. Even compliance to HIPAA and FINRA is still used in the pro/con assessment of whether VPNs still have a place in business workflow.
Of course, VPN access to in-house company servers has served as a reliable stop-gap measure as cloud technology matured. But now that cloud-based virtual machines and data access is used securely by companies every day, is that stop-gap measure still the best expenditure of money and a good option for data security?
COVID-19 Didn’t Help Matters in the Judicious Use of VPN For Business
In the rush to get everyone working from home in the wake of pandemic lockdown orders, companies with traditional on-site IT infrastructure turned to employee VPN access as a solution to their new remote workflow challenges – but maybe not the best solution.
The question of VPN and on-premise servers vs. cloud-based applications/workflow is likely one that your MSP is now having with clients in your quarterly business reviews.
This article is intended to give you some “talking points” on the side of helping your clients see the potential security vulnerabilities and business disadvantages of VPN technology. Of course, we are discussing VPNs in general, and not every one of our “talking points” may apply to your client’s current VPN configurations.
Let’s get started.
Four Business Disadvantages of Using VPN to Connect to On-Site Servers
Slow Speeds: Lag time is a well-known problem with VPN workflows. The simple math of distance shows that it will often take longer for a data packet to reach your in-house server than a closer, cloud data center. The lack of bandwidth availability in a VPN service also plays a role in this slower-than-ideal scenario. Unfortunately, it is productivity and your margins that suffer.
Problems with Files: The speed challenges that we have already addressed bleed into our discussion on accessing, using, and editing large files using a VPN. In a cloud workflow scenario, individual parts of files can be accessed and edited within the cloud. A VPN, on the other hand, has to download an entire file so you can work on it and then upload that entire file back to the server. This, as you can imagine, slows down the entire process. The other issue with files in a VPN/on-premise server setup is the lack of file version histories. Employees instead have to rely on constantly changing the file name to try to keep track of the latest file versions.
Expense: You undoubtedly have had the CAPEX vs. OPEX conversation with your MSP clients regarding their on-site IT hardware. The discussion around the cost of a good VPN should be factored into that conversation as well. Not only does their on-site server cost them money at the time of purchase and for ongoing maintenance, but the ongoing cost of a good VPN is part of the equation they must consider when doing their pro-con analysis of moving to cloud-based virtual workflow.
More Challenging to Scale: VPN technology is more cumbersome in the new employee provisioning process than two-factor authentication credentials for cloud workflow. It’s easier – and therefore faster and more cost-effective – to expand using cloud file and applications than VPN and an on-site server.
Four End User Disadvantages of VPN Technology
Noticeably Slower Work Processes Than On-site
Trouble Establishing VPN Connection
Frustration of Restarting Web or App Sessions – when VPN drops
Complex Initial Setup – compared to cloud-based app logins
Three Security Challenges of Using VPN for Business
Credential Protection: The creation and enforcement of policies to protect the user’s credentials is time consuming and more management/maintenance work.
Mobile Device Management: Offsite access to internal servers necessitates the extra step of locking down the endpoint devices used by employees.
Full Network Access: Without strict least privileged access, firewalls, network segmentation, and switches, a VPN user has full access to the company network. This voids the goal of role-based access protocols.
VPN technology isn’t designed well for small to mid-size businesses that are distributed. VPN bandwidth is a problem, and unless your client has multiple ISPs, their VPN becomes a “single point of failure” vulnerability.
With most small business applications available in the cloud isn’t it time to move their unstructured file data there too? Scrap the VPN, build redundancy and make the whole organization free from the main office infrastructure.