The VPN was revolutionary for its time, allowing employees who worked remotely to access the network and private applications without having to physically move files between the office, home, and any other location. But like most early forms of technologies, it was not without its downfalls.
The VPN gateway tunneled a way directly into the network exposing it to risk of lateral movement, and as the number of remote users increased, so did the surface area of attack.
Given the approach was reliant on inbound connectivity the IP address for each service was exposed to the Internet.
Fast forward to today, with applications moving to cloud and users connecting from everywhere besides the office, why do we still leverage 30-year-old VPN technology that is anchored in the datacenter and built before the public cloud even existed?
It’s time to rethink private application access.