Forrester analyst Stephen Marsh originated the concept of the perimeterless security approach known as zero trust architecture (ZTA) in 1994. Since then, and with help from his fellow Forrester Analyst John Kindervag, use of the zero trust approach has steadily grown with the biggest enterprises in the world.
- 66% of small businesses report being concerned or extremely concerned about cybersecurity risk.
- 47% of small businesses don’t know how to protect themselves against cyberattacks.
- 3 out of 4 small businesses don’t have IT personnel to address network security.
Owning and operating a small business is a labor of love, and often requires running as lean as possible. Can SMBs afford robust, reliable security solutions that reduce security risks and put them on the path to zero trust (ZT)? Considering 43% of cyberattacks target small businesses, and the average cost to restore normal operations after an attack is $955,429, the reality is they can’t afford not to have it.
Here’s the good news: with OpenVPN Cloud your small business can get a zero trust security model without costly personnel and service providers. Even the most frugal start-ups can enable secure remote access, user authentication, IDS/IPS, and monitoring with our cloud-based virtualized network that ensures secure communications.
We’re fans of SMBs – we started small, after all – and know your time is valuable, so we’ll take a quick look at a few of the ways OpenVPN Cloud can put you on the path to Zero Trust Network Access (ZTNA).
Secure Remote Access
Just as secure access service edge (SASE) isn’t a single product, “Zero trust is a way of thinking not a specific technology or architecture,” according to Gartner Distinguished VP Analyst Neil MacDonald. “It's really about zero implicit trust as that’s what we want to get rid of.” At its core ZT is about reducing damage tied to human error, which makes sense considering human error is the cause of 23% of data breaches, according to a 2020 IBM report that analyzed more than 500 security incidents.
The pandemic accelerated digital transformations and a shift to remote work, in addition to moving workloads from data centers to the cloud. It also eliminated the safety offered by on-premise network security, firewalls, and user access control. All of the devices employees used to access company networks via home or public Wi-Fi created new endpoints and potential vulnerabilities for hackers to exploit. When it comes to balancing an easy user experience – real-time access to data and apps – with minimizing attack surface, OpenVPN Cloud is a great choice.
OpenVPN Cloud helps small businesses and branch offices of larger enterprises easily create a secure virtualized network that ensures secure communications between on-premise applications, SaaS applications, remote employees, business partners, IoT devices, and specialized applications. It also allows you to safeguard your resources in a controlled, adaptive, and scalable manner. Remote workers can use OpenVPN Connect, for an instant, authenticated connection on virtually any device with Microsoft Windows, macOS, Linux, Android, or iOS.
Pro Tip: Access management, enforcement of access policies and access controls, is an integral piece of ZT. Always follow the principle of least privilege access regarding your company's digital infrastructure. If you give admin privileges to all your employees, bots can quickly spread through your system. Limit access to only what each person needs to do their job.
Two-factor authentication (2FA) authenticates online account or network access by requiring a user to provide two different types of information. Multi-factor Authentication (MFA) requires users to verify their identity with credentials above and beyond the username and password. Common user account credentials include verification codes, PINs, fingerprints, and keys or cards that generate random codes (e.g., YubiKey).
MFA gives organizations more peace-of-mind when remote workers connect to their company's services. OpenVPN Cloud lets you easily authenticate your users with Single Sign-On (SSO) and gives them the convenience of using one set of credentials for connectivity. (Note: SAML and LDAP are supported.)
IDS/IPS and Monitoring
Intrusion Detection Systems and Intrusion Prevention Systems — or IDS/IPS — are invaluable, readily available network security tools that identify and stop threats employees may fall victim to without knowing it.
Included with OpenVPN Cloud at no extra cost, Cyber Shield Traffic Filtering is an easy-to-use, customizable IDS/IPS feature that protects remote access with:
- Traffic Filtering feature acts as an IDS and IPS.
- IPS based on threat category or severity of threat.
Cyber Shield fortifies protection by letting network admins decide which threats to block. And because cyberthreats are continually evolving, it includes easily accessible reporting with insights that make it simple to fine-tune security measures to mitigate threats.
Fundera reports that 1 in 323 emails small businesses receive are malicious, and IDS/IPS is one way to keep bad actors out of your inbox (and network). The Domain Filtering capabilities of Cyber Shield give network administrators the ability to do content filtering with minimal effort. Cyber Shield also provides Traffic Filtering automation for reliable protection against malware and ransomware, denial of service, phishing, known threats, and vulnerabilities/exploits that may be overlooked by other security layers or solutions — before it reaches other security controls. The Traffic Filter feature also detects and blocks network threats by category or Threat Level (Levels 1 thru 3).
IT security and cyberattacks evolve quickly. The ability to adapt your security strategy and security policies is crucial. But adaptation requires actionable data and insights. With Cyber Shield you get easily accessible reporting with insights that make it simple to fine-tune your security posture.
Don’t Wait. Start Your ZT Journey Today.
OpenVPN gives businesses of all sizes the ability to expand secure access that protects workers using home and public Wi-Fi networks and SaaS applications outside your network perimeter. We also provide all the tools and capabilities necessary for building a strong zero trust network to block or seriously mitigate most attacks. And we offer all of this in a pricing model that grows with your company.
Best of all, we make it as easy as possible for you to deploy a cloud-based business ZTNA approach today. Get your three free connections here.