The days of walling off the outside world to protect your network are quickly going the way of the Dodo. Thanks to the extraordinary growth of remote workforces, the adoption of cloud-based networking, and new cyber threats, the old network security model just no longer works.
In this time of ultimate shareability and interconnectedness, threats can come from any angle—including inside your network. Enter the Zero Trust security framework. By trusting none and verifying all, Zero Trust can make any network, home of business, become Fort Knox.
With the old “castle and moat” style of protecting networks going by the wayside, many speculate that VPNs will follow suit. So what does this all mean for the security of your data and will you still be using a VPN in a few years time? Let’s dig in to find out more and see what the future holds for your network security.
What is Zero Trust?
NordLayer
Despite huge investments in firewalls and VPNs, organizations and even individuals are finding that they’re still vulnerable. This is down to the inherent flatness of most networks. Once hackers are able to penetrate a network, they can easily move around without worrying about additional security checks. Zero Trust is a way to combat this type of unwanted access.
Zero Trust architecture might sound like some newfangled technology, but it’s really just a strategy used for network security. It’s a type of cybersecurity methodology rather than any single program or application.
The basic idea behind Zero Trust is to, well, trust no one. Pretty simple right? In reality it takes the form of better and more comprehensive authentication in front of a service; principles such as ‘least access needed’, and the assumption that the network is always under attack, guide this model.
Why is this authentication important? Take a castle as an example. A traditional VPN acts as the moat surrounding the castle. This makes it difficult to get in, but once inside you’re able to roam about freely.
Zero Trust security on the other hand can be thought of as castle guards. They’re posted at every doorway, acting as gatekeepers for that area. Anytime you want to move to another room in the castle, you need to gain permission from that area’s guard. This level of comprehensive security is much better at limiting the damage that an intruder can do if they manage to get inside.
The principles of Zero Trust are already being used by some forward-thinking organizations and companies, but it’s only a matter of time before the same ideas will be leveraged for use in home networks and personal applications as well.
Will Zero Trust replace VPNs?
Due to the very nature of Zero Trust, traditional VPNs are facing a reckoning. Because Zero Trust architecture is very effective at keeping networks secure, some in the security community argue that it threatens to replace VPNs as a method for remote access.
Personally, I don’t think that will be the case. Zero Trust may become a default practice for companies in the future, but this doesn’t mean that VPNs will go the way of the dinosaurs though.
Sam Singleton
They still provide myriad benefits when it comes to both professional and personal privacy. Just because you’re accessing a Zero Trust service that’s authenticating every step of the way doesn’t mean your activities are private; someone who’s watching your traffic can still piece together everything you’re doing.
A VPN remains the best way of obfuscating your traffic and keeping it out of sight from prying eyes. Seeing as how Zero Trust architecture and VPNs don’t inherently conflict with one another, it’s most likely that Zero Trust is something that will be used in tandem with a VPN rather than its direct replacement in the future.
Zero Trust and VPNs to protect your data, the power of friendship
As more and more people begin working from home, their home networks will begin to grow larger and more complex. Wireless routers and access points will then become juicy targets for hackers to compromise private data.
Zero Trust security at home can take the form of multi-factor authentication (MFA) on all personal accounts. We are already seeing MFAs such as Face ID, personal USB hardware tokens, and passkeys becoming more popular. Windows 11 now allows users to easily setup and start using biometric passkeys with the right equipment.
Unfortunately, there are no current packaged solutions to Zero Trust at home. Until it becomes more ubiquitous, you’ll need to take it upon yourself to follow these practices. Utilizing things such as the aforementioned MFA, network segmentation, and strong firewalls are a good start. This is in addition to using a good VPN. When working from home or connecting to a company network, it’s always a good idea to use a VPN—even if your company doesn’t require it.
Zero Trust security won’t replace VPNs, but it does stand to make them better in ways that most people won’t even be aware of. In the future, it’ll become essential for VPN providers to keep customer data safe through Zero Trust practices—and be able to prove it as well. This behind the scenes benefit figures to reap huge benefits for the security of customer data.
Already major VPNs are starting to make it part of their privacy practices. ExpressVPN recently updated its Trust Center policies to include new core tenets such as “Embracing Zero Trust”, “Employing zero-knowledge encryption”, and “Principle of least privilege”. I expect to see more VPNs jump on board with similar privacy policy guidelines as well.
Why an ESR iPhone accessory makes the perfect Christmas gift
This is all great news for all VPN users, not just the privacy-conscious. With VPNs enacting more Zero Trust security practices to keep user data safe on the backend, they are doing their part. But until Zero Trust becomes common practice across all networks and accounts, we’ll need to take it upon ourselves to go the extra mile and protect ourselves at home.
