The Demise of the VPN will Come Sooner Rather than Later
Around this time every year, businesses start to make predictions for the year ahead. This year, however, has been marked by upheaval—a pandemic that has resulted in incalculable loss, global lockdowns, and the disruption of our day-to-day lives—situations no one anticipated. Our predictions for the year, in hindsight, almost seem quaint in comparison to the realities of 2020.
But one prediction for 2020 that did come to pass was around the trajectory of VPNs. Even before the move to remote work, VPN technology had been showing its age for some time. VPNs worked well in the network-centric world, where apps resided solely in the data centre and a security perimeter around the “castle” was all you needed. Even in 2019, many organisations were already moving toward a perimeter-less model, where traditional network security based on the castle-and-moat approach was no longer relevant. We predicted that, in the next few years, VPNs would be redundant. We may have been right about the VPN being on its last legs but off a bit on the timing.
VPN redundancy accelerates
In 2019, businesses didn't invest their infrastructure budget in enabling remote work. The two primary investment areas were driving applications to the cloud (to achieve cost benefits and competitive advantage) and simplifying IT in general. For most organizations, that meant investing in SD-WAN projects. These investments made sense at the time. But when lockdowns started hitting in March, business continuity plans proved to be lacking, and those sites with SD-WAN sat unused and gathering dust.
In March of this year, businesses found themselves unable to handily support en-masse remote work, as there was a critical shortage of network connections. I know of multiple organisations that had their employees connecting to the data centre via VPN to get internet access. This kind of solution could handle 20%, maybe 30%, of the workforce, so scaling to handle all employees was impossible. Reliable connections became scarce, and productivity suffered as a result.
As connectivity inevitably became the precious resource needed to ensure business continuity, IT teams felt pressured to enable more reliable connections. In an ends-justify-the-means scenario, IT teams started bypassing security controls, spinning up cheap remote desktop protocol (RDP) and VPN solutions, and also empowering employees to use their personal devices to access internal corporate resources.
In the short term, this meant a summer of relative calm—connectivity stabilised, productivity increased, and board members breathed a tentative sigh of relief. However, the quick fixes and workarounds left cracks in security.
VPN security issues come full circle
In mid-October, the US National Security Agency (NSA) released a list of the top 25 security vulnerabilities that Chinese hackers have been exploiting to steal intellectual property, as well as economic, political, and military information. VPNs and RDPs make up nearly half of those vulnerabilities. Since the end of summer, significant cyberattacks, especially those involving ransomware, have targeted these approaches to remote access in large enterprises.
VPN vulnerabilities are nothing new. The NSA and its UK counterpart, the National Cyber Security Centre (NCSC), have flagged vulnerabilities in VPNs for years. The difference now is that organisations aren’t just relying on VPNs to connect a handful of workers; VPNs have become central to business continuity. Their widespread use makes a company’s attack surface larger, and the prizes for cybercriminals larger still.
We recently researched how European businesses are enabling secure remote access. Thirty percent of companies use remote access VPN solutions to provide access to business applications in data centres or the cloud. One-third are using RDPs. More modern approaches, such as zero-trust (17%) and identity and access management (19%), trail behind.
Relying on these outdated solutions is, to put it mildly, risky. No one knows for sure how the recent work-from-home mandates will affect work practices in the future. But it seems sensible for businesses to prepare for large-scale remote work in the future—to maintain flexibility in the face of another type of crisis or simply as a smart business strategy.
As I mentioned at the outset of this piece, the infrastructure investments of 2019 often proved to be unsuited for the challenges businesses faced this year. Business leaders couldn’t have anticipated the year we’ve had, and now needn’t get bogged down in sunk costs. It’s time to retire the VPN for good before its inadequacies cause further harm to businesses.
Ireland is key launchpad for US expansion into Europe
The first transatlantic cable was laid between Newfoundland and Valentia Island in County Kerry, Ireland, in 1858. It was a flawed effort; the connection was poor, causing enough issues with efforts to send telegrams along it that major repair efforts were set underway immediately - efforts which ended up further damaging the cable line, severing the connection just three weeks later.
This first step towards transatlantic subsea communication, shaky as it was, laid the foundations of more than a century and a half of information exchange across the ocean, between the East Coast of North America and Western Ireland.
It’s been 163 years since the completion of the first transatlantic cable, an event which cemented Ireland’s position as the landing stage for subsea connections between Europe and the Americas. That position has, in no small way, been a driving force behind the country’s modern role as a landing stage for US and Canadian firms looking to do business in Europe.
Today, some of the largest firms in the world, like Pfizer, Janssen, Zurich, Metlife, Google and VmWare use Ireland for their European Headquarters. The combination of an English-speaking workforce (a boon made all the more important as Brexit makes the UK and the north of Ireland an increasingly complex environment that provides diminishing opportunities to access the rest of Europe), a cultural and regulatory landscape that welcomes foreign investment, and world-class connectivity makes the country an unparalleled choice for firms looking to establish a foothold in the EU.
As a result, Ireland has become one of the world’s leading data centre hubs.
Based on leading data centre firm Interxion’s Data Gravity Index, Dublin will be among the top five European cities that will contribute to Europe’s growth in data in the coming years, following London, Paris, Frankfurt and Amsterdam. The amount of data generated in Dublin itself is expected to grow alongside its economic expansion, with the Data Gravity Index also predicting that Dublin will outpace cities and data centre hubs like Mexico City, São Paulo, and even Shanghai, to be among the top 20 cities to experience annual data growth by 2024.
Ireland ranks 6th in the 2020 EU Digital Economy and Society Index (DESI), meaning that it is among the leading ranks of EU Member States in terms of the uptake and use of digital technologies. Likewise, the trend to locate data centres in Ireland serving overseas clients will continue to generate increasing amounts of international traffic
Managing the Dublin Data Boom
According to Interxion, subsea connectivity will continue to play a massive role in helping both international and domestic organisations digitally transform themselves to meet the challenges of changing markets post pandemic.
As the pace of global digital transformation - and the subsequent need for more connectivity - accelerates like never before, this rapidly developing world is driving urther demand for these cables as individuals and organisations become increasingly reliant on subsea cable’s exceptional data speed and capacity.
According to experts at Interxion, this connectivity will be pivotal to Ireland’s continued success in attracting international companies in the technology, pharmaceutical and financial sectors.
The subsea cable industry is a key contributor to the Irish economy across many sectors. The draft National Marine Planning Framework reported that subsea international networks make Ireland an attractive region for investment for the technology and digital sectors. Telegeography states that there are twelve existing subsea cables connecting Ireland to the US and UK, and a further four systems are under development. The Iish government’s statement on the Role of Data Centres in Ireland’s Enterprise Strategy identified Ireland as a location of choice for many different sectors reliant on digital and telecommunications capabilities, all of which in turn rely on subsea cable interconnectivity.
Subsea cables are of strategic importance to Ireland’s future as a catalyst for economic and societal prosperity. Ireland can be the ideal location for your company’s expansion plans. To find out how, you can hear from leading experts throughout the data centre and digital infrastructure industries on June 15, 2021, as speakers from the IDA, Aqua Comms, GTT Communications, euNetworks and Interxion discuss subsea cabling, digital transformation, Data Gravity and the fate of Ireland’s digital economy.
Key topics will include:
- Key facts about existing subsea infrastructure,
- Future plans,
- Challenges (including Marine Maintenance) and opportunities,
- Terrestrial networks (demand vs supply);
- Ireland's role as a gateway to Europe
The virtual panel (which is taking place between 10:30 PM - 11:30 PM JST on June 15, 2021) will conclude with a 20 minute Q&A. Mike Hollands, Senior Director of Market Development at Interxion, will moderate the event.