IT admins have been creating and using VPNs for their remote workers for a long time now. The view was that every worker needed to connect back to the “mothership” for their IT services and then branch out to the Internet. In decades past, when remote workers really only could do their jobs by connecting to the internal LAN, the approach of having a VPN for each worker made sense.
Today, though, the cloud is changing how IT admins approach remote workers. IT organizations can skip the VPN with remote workers.
When VPNs were Indispensable
VPNs were an extraordinarily useful tool. They would create secure connections between remote workers and the on-prem network. While workers could be outside the main offices, they could still do their work.
As more of a user’s work involved IT and applications / systems that were located within the network, VPNs became indispensable. Each user could securely connect to the network and then navigate to the systems, files, or applications that they needed. Initially, the speeds were quite slow, but users could still get work done. Over time, VPNs became fast, so the experience was almost like being on the local network.
IT admins liked VPNs because they were secure. A user needed to log into the VPN before they were allowed access to the network. Even after they gained access to the network, they would likely need to log in again to authenticate with Microsoft Active Directory® before being allowed to access IT resources on the network. In fact, one of the core reasons that IT admins leveraged VPNs was so that users could authenticate with AD.
An Obligatory Relationship Between AD and VPNs
As more IT applications and resources moved to the cloud, the number of reasons to connect to the local network decreased. Eventually, IT admins were only interested in leveraging the VPN for authentication with Active Directory. If AD was out of the equation, IT could not control and manage user accounts and the devices themselves. So, VPNs continued. Users were forced to log in an extra time, and IT needed to manage the VPN software. With nothing on the internal network that couldn’t be accessed via web browser, users and IT admins alike were wondering why they needed to leverage VPNs anymore.
The Must-Have Solution To Skip The VPN With Remote Workers
The truth is that IT and end users can skip the VPN for remote workers. IT can still have the control over user accounts and devices while end users still have access to whatever resources they need. The mechanism to eliminate the VPN is by shifting the identity management system from Active Directory to Directory-as-a-Service®. As a cloud-hosted directory service, the authentication process is securely done through the cloud. A lightweight agent is placed on each device. And a secure TLS connection is established between the device and the virtual identity provider. No VPN is necessary, yet the connection is secure.
IT admins have the ability to tightly control user access to the device, applications, and networks through Directory-as-a-Service. The IDaaS platform works in a cloud-forward environment where the concept of a domain is largely irrelevant now. End users get the benefit of True Single Sign-On™ where their identities are leveraged for virtually all of the IT resources they need to access. All of this happens without the need for the costly and time-consuming VPN infrastructure.
JumpCloud® Provides Critical Control, Visibility & Security
If you would like to learn more about how your organization can skip the VPN with remote workers, yet still have the control, visibility, and security that you desire, drop us a note. Also, please sign up for a free account to give Directory-as-a-Service a try yourself. Your first 10 users are free forever.