From remote access to universal secure access: we must rethink the security of new working methods


The digital transition is underway in Europe

According to the latest Atomik Research survey, 66% of companies surveyed have already relocated half of their business applications to the cloud. Almost a quarter (22%) say the vast majority of their apps (75%) are already there. In doing so, companies prepare for the transition of their staff to remote work. However, adoption of cloud technologies is only the first step towards this new culture of teleworking. Many companies still need to adopt security solutions to meet the needs of a mobile and remote workforce.

In the report State of Digital Transformation EMEA 2020, we learn that workers still use traditional channels to access remote systems. 30% of companies surveyed use VPN solutions to provide remote access to business applications hosted in data centers or in the cloud. One-third of businesses use Remote Desktop Protocol (RDP). More modern approaches, including Zero Trust (17%) and identity and access management (IAM) (19%), are less frequent. However, the companies surveyed are far from having blind confidence in their current systems to secure the remote access of their workers: 29% of them doubt the effectiveness of their security system and 34% are already in the process of to study new approaches in this area.

The health crisis has shown the limits of SD-WAN

Satisfaction with a solution is primarily measured by the speed and ease of access for users to the applications they need in their professional practice, no matter where they work. When they were physically present in the office, employees were assured of having efficient access. SD-WAN was popular for connecting branch offices to the corporate network and special rules were in effect for remote access. Most remote access VPN infrastructures provided concurrent access to around 30% of the staff. The global health crisis has reshuffled the cards and showed the limits of this system. With the home relocation of battalions of workers, the available VPN capacity has often proved insufficient to provide smooth remote access to all telecommuting staff. Companies then fell back on the RDP protocol, with all the security risks that this implies. The backlash was quick: cybercriminals were quick to exploit the known flaws in these security solutions.

Rethinking security: towards application access and securing user access

When telecommuters access applications, their experience should be no different from what they would have in the office. Whether they are at company headquarters, at home or in a coffee shop, they need smooth and secure access. In private, they are used to this kind of experience. If they watch a video on a tablet or smartphone and then move to another room, the device seamlessly switches and keeps the connection active if the user leaves the Wi-Fi zone. The transition to 4G is done without interrupting playback.

Why can’t we provide secure access to business applications with such a smooth user experience? Organizations are still clinging to the technologies deployed to access on-premises applications while switching to other solutions for remote access – a situation that harms the user experience and increases security risks. As applications move to multi-cloud environments, complexity grows. IT teams now have to manage systems in two locations at the same time.

Currently, there should no longer be any distinction between access on company premises and remote access. The pandemic’s transition to telework has proven that employees stay productive wherever they are. What matters is that they can count on smooth and secure connectivity, no matter where they work.. Today’s workers are more likely to work remotely. So why do companies still distinguish between access on company premises and remote access? Wouldn’t it be better to replace remote access with a consistent and secure access policy, in effect wherever the user is located?

The advantages are obvious. The IT team would no longer have to take on the heavy maintenance of two systems. As for users, they would benefit from simple and fluid access. In a world where consistent and secure access is of paramount importance, there are connectivity solutions that can provide both access to applications and secure that user access. They operate the same regardless of the user’s workplace, since the security and connectivity model relies on two static elements: the user’s identity and their device.

The SASE (Secure Access Service Edge), pronounced “sassi”, defines the criteria for implementing this model. In the near future, this approach will completely replace traditional remote access VPNs and RDP. According to the survey, 55% of European companies have heard of SASE and plan to deploy it; 11% have already taken action. Secure universal access, anywhere and anytime, is for tomorrow. Soon the distinction between remote and onsite access will be a thing of the past.