As the impact of the pandemic lessens and the world adjusts to a new hybrid world, some security solutions have still not changed. For most organizations, VPNs remain a preferred access method – specifically for remote work access. VPNs encrypt a user’s web traffic and send it through a private connection to the corporate network, allowing employees to access corporate data and applications with some measure of security and privacy.
Today, however, due to the proliferation of cloud-based applications like Office 365, SFDC, Google Drive, and others, it is uncommon for organizations to rely solely on VPN-based access to corporate resources. Instead, VPN is usually used to access just a small subset of internal corporate platforms, leaving remote users unprotected when accessing these cloud-based applications, and exposed to threats on the internet.
Furthermore, VPNs may not provide the level of security that’s necessary in today’s threat environment. Malicious cyber actors are finding and targeting vulnerabilities in VPNs. And since VPNs are considered 24/7 infrastructure—that is they are always on to facilitate secure connection to the enterprise network—organizations are less likely to keep them updated with the latest patches. Finally, since many VPN providers charge by the user, many organizations may have a limited number of VPN connections available, meaning that any additional employees can no longer telework or securely access corporate data.
In this environment, one of the best and most cost-effective ways enterprises can secure such a large-scale tele-workforce is by using DNS as a first line of defense. Every connection to the Internet goes through DNS—those working from home are typically using either public DNS or DNS provided by their internet service provider, both of which seldom do security enforcement on DNS. Companies are increasingly interested in implementing secure DNS services that can quickly start protecting their remote workforce.
DNS can be used to extend enterprise-level security to teleworking employees, their devices, and corporate networks, no matter where they are located.
Some of the benefits of using DNS include:
* DNS can be used as the first line of defense to detect and block phishing, exploits, ransomware and other modern malware by preventing teleworking employees from accessing malicious websites
* DNS can block access to objectionable content restricted by policy
* Sensitive data can be kept secure and advanced threats can be monitored including the rise of lookalike domains