In Blog, User Management

pablo (6)

A global economy and workforce mean that your workers may be anywhere using just about any type of equipment. The challenge for IT organizations is in how to connect those users to whatever devices, applications, and networks that they need.

The traditional answer has been to have those workers VPN into your network and then fan out to whatever they need. That means your network becomes the hub and they are the spokes. That hub and spoke model has been around for a number of years and the catalyst for that working has been the VPN.

When VPN Was MVP 2016-08-05 14-31-27Historically, workers needed to log in to the corporate network. Applications were there, and servers were often on-premises. Basically, whatever an employee needed was within the corporate network, so the challenge was: how do you enable a remote employee, such as a salesperson, to connect to the corporate network securely?

The VPN became the way to do that. Usually, there was a VPN client on the employee’s device and a VPN concentrator at the organization’s network edge. The connection was secure and then allowed the end user to log in to the network.

WiFi and the Cloud has Changed the Game

WiFi Radius Remote Workers

With the move to the cloud, there is less equipment on-premises. Applications and devices are no longer within the network. Remote employees can now easily connect to what they need in the cloud, including Google Apps, Slack, Github, Salesforce, AWS, and many other IT resources.

So the easy answer is that you don’t actually need the employee to log in to the network – that means that you can eliminate the VPN concentrator and VPN clients. One less moving part in the network, right?

The problem with that is eliminating the VPN also eliminates the traditional authentication process to Microsoft Active Directory. Without authentication, IT doesn’t have control over the remote worker’s device. That can create significant problems for security, access control, and remote device support – all of which are important to IT.

DaaS Is The New Heavy Hitter


There is now a way to eliminate the VPNs for remote workers, yet still have control over authentication and devices. It’s called Directory-as-a-Service® – a cloud-based directory service that controls authentication, authorization, and management of employee devices, applications, and networks.

For remote employees, IT gains control over their user access as well as their device, increasing security and extending support to the end user. Because of the cloud-based architecture, no VPNs are necessary between the end user, the directory service, and the IT organization, saving time and money.

If you would like to learn more about how Directory-as-a-Service can help you eliminate your VPN infrastructure, drop us a note. We’d be happy to chat with you about it. Also, feel free to try the platform for yourself. Your first 10 users are free forever.

Recent Posts