Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

2/3/2021
08:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

DH2i Pre-Pandemic State of Virtual Private Networks (VPNs) Survey Reveals Inadequate Security Is Number One VPN Pain Point

FORT COLLINS, Co. – February 3, 2021 – DH2i®, the leading provider of multi-platform Software Defined Perimeter (SDP) and Smart Availability™ software, today announced the results of its premier Virtual Private Network (VPN) survey of IT professionals across small-, mid- and enterprise-sized organizations. To qualify, the respondent had to be using a VPN for network access and/or security measure. The survey findings revealed that universally, respondents advised that using a VPN created a number of problems for their organization. Topping the list, 62% of respondents cited inadequate security as their number one VPN pain point.

The goal of the research, conducted prior to the COVID-19 stay-at-home guidance, was to understand the challenges being faced by IT professionals charged with deploying and managing VPNs, as well as what new capabilities they would find beneficial. The next phase of this research, already underway, will examine how today’s work from home (WFH) paradigm has shifted the data security and VPN landscape.

The Pre-Pandemic State of Virtual Private Networks (VPNs) Report Highlights:

-  The top three use cases: remote user access (83%), site-to-site connections (57%) and site-to-cloud and/or cloud-to-cloud connections (48%).

-   The top three VPN vendors: CISCO (663%), Palo Alto Networks (22%) and Check Point (12%).

-   The top five pain points: security (62%), performance (45%), cost (46%), manageability (44%) and reliability for DR (48%).

-   The most surprising finding: Almost 40% of respondents believed their network had already been breached by a bad actor(s).

The full report deeply analyzes each of the aforementioned topics, details the survey methodology and presents an analysis on the future of VPNs.

“It was indeed surprising to have almost 40% of those responsible for keeping ransomware and other malware from penetrating their network, believe that in fact, it already had. And, while this survey was completely anonymous, we believe that this number is actually even higher - as some respondents would likely prefer not to admit it, even to themselves,” said Don Boxley, CEO and Co-Founder of DH2i. “We expect this number to grow during the next research phase, given the rise in bad actors during the past year that were looking to exploit data security vulnerabilities as a result of the pandemic.”

“To take a step back, at the start of this research, our goal was to better understand the current challenges being faced by IT professionals responsible for their network security, particularly those using VPNs, and to solicit their feedback on what improvements, features, functionality and capabilities they viewed as ideal in a next-gen VPN or competitive solution,” said Boxley. “It is interesting to note that at the end of the day, recognizing the limitations of current VPNs, 86% of respondents were inclined to consider an alternative if the other solution could prove superiority across several factors including security, configuration and management, cost, performance and availability. Specifically, 89% of the respondents indicated that they prefer a substitute to their current VPNs if given the ability to easily limit remote users’ access to specific applications or services without creating a network attack surface.”

“Of course, as we were analyzing the results of our initial research, the pandemic hit, and countless individuals found themselves trying to navigate the challenges of a work from home scenario - including how to gain access to their organization’s applications and information. Simply gaining access was the priority for most workers. However, for IT ensuring that their employees not only had uninterrupted access, but that it was secure on both ends, and everywhere in-between, pushed other alternative remote access IT initiatives to the back burner,” Boxley continued. “While it provided immense and immediately actionable insight, we knew that this research would need to be considered a phase 1, given the cataclysmic shift that was taking place. We look forward to sharing the results of our phase 2 research shortly.”

To read the full Pre-Pandemic State of Virtual Private Networks (VPNs) Report, please visit: https://dh2i.com/the-pre-pandemic-state-of-virtual-private-networks-survey-report

Tweet this: @DH2i Pre-Pandemic State of Virtual Private Networks Survey Reveals Inadequate #Security Number One #VPN Pain Point https://dh2i.com/press/

And/or Tweet this: @DH2i #VPN Survey >> Most Surprising Finding: Almost 40% Of Respondents Believed Their #Network Had Already Been #Breached By Bad Actor(s) https://dh2i.com/press/

About DH2i

DH2i Company is the leading provider of multi-platform Software Defined Perimeter (SDP) and Smart Availability™ software for Windows and Linux. DH2i software products DxOdyssey™ and DxEnterprise® enable customers to create an entire IT infrastructure that is “always-secure and always-on.”  To learn more, please visit: www.dh2i.com, call: 800-380-5405 or +44 20 3318 9204, or email: [email protected].

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21302
PUBLISHED: 2021-02-26
PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 there is a CSV Injection vulnerability possible by using shop search keywords via the admin panel. The problem is fixed in 1.7.7.2
CVE-2021-21308
PUBLISHED: 2021-02-26
PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 the soft logout system is not complete and an attacker is able to foreign request and executes customer commands. The problem is fixed in 1.7.7.2
CVE-2021-21273
PUBLISHED: 2021-02-26
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, requests to user provided domains were not restricted to external IP addresses when calculating the key va...
CVE-2021-21274
PUBLISHED: 2021-02-26
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead to...
CVE-2021-23345
PUBLISHED: 2021-02-26
All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as <iframe src='file:///etc/passwd'>.