Companies of all sizes and across all industries have been forced to adapt to a business model where most—or all—employees work from home and connect remotely in response to the COVID-19 pandemic. Few were prepared to manage remote connectivity at that scale—never mind addressing security and data privacy concerns. Wandera recently launched Wandera Private Access —a cloud-based service that provides secure connections between users and applications based on the concept of zero trust—to give organizations the tools to maintain productivity without sacrificing security in this new remote workforce world.
Challenges of VPN
The standard method of secure remote access has traditionally been a VPN (virtual private network). Most organizations already had at least some capacity for VPN connections to be used by remote sites or employees in the field who needed to connect with company applications and data on the go. That was fine for limited use cases, but VPN access presents a variety of challenges.
VPN connectivity typically relies on a hardware appliance deployed on the internal network, combined with the client licenses for the devices that need to connect. Few—if any—companies were prepared with the hardware capacity or licenses necessary for the entire company to connect via VPN. VPN also has issues with speed and performance. Especially when the whole company is connected at once. Additionally, VPNs provide broad network access to anyone who uses it, and that includes an attacker. That attacker then has access to hundreds of applications on that network, which exposes sensitive data and applications to unnecessary risk.
“When it comes to today’s remote workforce, traditional VPNs fall short, requiring a shift in how we approach remote access and connectivity,” said Eldar Tuvey, CEO, Wandera.
That is why Gartner predicts in their Market Guide for Zero Trust Network Access that 60% of organizations will phase out current remote access and VPN solutions in favor of zero trust network access (ZTNA) by 2023.
Wandera Private Access
Wandera Private Access is built on a cloud-based, software-defined perimeter (SDP). It creates a secure, isolated environment for each application and grants access to specific applications only for authorized users based on least privilege access principles and real-time device posture checks. Wandera creates specialized routes to link apps and users. These app-level microtunnels route traffic through the Wandera infrastructure—enabling fine-grained control both of the initial connection and throughout active sessions. In order for a tunnel to be established, the user must have the appropriate permissions to the application in question, along with verified identity and authorized device ID.
The principles of zero trust network access are also part of Wandera Private Access. It relies on adaptive access—providing real-time risk assessments that can influence routes and provide telemetry for third-party integrations. Wandera Private Access can terminate a session or alter routes, according to policy, in real-time if a change in device risk state is detected.
The thing that stands out about Wandera Private Access is the ease of management. Modern cloud infrastructure makes it easy to deploy. Wandera offers integrations with identity services eliminating the need to manage certificates. It also allows for unified access policy that spans all hosting locations (on-premises, private and public clouds, and SaaS applications), all modern operating systems and management platforms.
Wandera understands that there are typically other applications and information on a device that a user may need access to in order to work efficiently and effectively—but that there must be some segregation and an ability to protect the secure tunnel from exposure to unnecessary risk. Wandera Private Access uses dynamic split-tunneling to solve this. The intelligent tunneling protocol only routes traffic from an application on the authorized user’s device to the associated application on the other side of the cloud SDP. The app microtunnel policy remains in force without impeding an optimal experience for the user on the device.
Wandera claims a number of crucial advantages for Wandera Private Access over VPNs when it comes to performance. For example, Wandera Private Access WPA is 4 times faster and has 3.5 times the data throughput of a VPN. As important—or perhaps even more so—than the performance aspects, though, are the security implications. Wandera Private Access WPA provides direct connections between users and the applications they need—eliminating the broad network access of a VPN connection and significantly reducing the attack surface and exposure to risk.
Security for the ‘New Normal’
Despite initial concerns about allowing employees to work from home, studies have found an increase in performance and employee satisfaction with this new model. Many companies that went into the COVID-19 pandemic with the notion that this was a temporary arrangement have decided to embrace this model permanently or are at least considering a more flexible approach to remote work moving forward. The willingness to do so hinges on the ability to ensure both performance and security of remote connectivity using tools like Wandera Private Access.
Wandera Private Access supports all private applications—protecting access to any type of corporate resource whether it is on-premises, a SaaS (software-as-a-service) application or hosted in a private or public cloud. The ability to protect across a hybrid and/or multi-cloud environment, while also providing for users connecting from home makes Wandera Private Access a solid choice for managing secure remote access for the “new normal”.
Wandera CEO Eldar Tuvey summed up, “Wandera Private Access is forging a path for security conscious enterprises to easily, quickly and securely embrace ZTNA and benefit from lightning fast connectivity that improves the user experience exponentially.”