Cookie Settings
Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

Other cookies are those that are being identified and have not been classified into any category as yet.

No cookies to display.

cat keyboard

Zero-Trust Makes Working From Home Secure And Reliable, Unlike VPN


Monday I made the difficult decision to send the team to work from home. Since everyone takes public transit, it would not be fair to leave it to individuals to decide, they might feel pressured. This makes me sad since we are all about Agile, which values live face-to-face discussions.

What was not a concern for me was remote access. We are 100% Zero-Trust. The network is not part of the trust model. You are no different on our corporate network than on a mobile network or airport WiFi. Each service authenticates the user (using 2-Factor authentication), directly. No L2TP, no PPTP, no IPSEC, none of these. This means that we can scale just as easily on-site as off-site. The number of remote users does not matter.

Monday night I helped my wife set up her VPN access for remote to work. It was, um, not modern. A different login experience. Web pages that ran on a local network and didn’t have domain names. A VPN that worked inside some browser tabs, but not all. Popup windows. It was device specific, curated, complex to maintain. And one thing I know about security: complex to maintain implies insecure. It may look secure with all the facades, but underneath it, something is not setup properly. I was very sad, how could things be this bad?

I’ve talked earlier in Secure Exposed Access about how you could, with an increase in security and decrease in complexity, get rid of the VPN and expose individual applications to the Internet. In such a fashion that only authenticated users would see them. I think its a better model. It gives you a lot of the value of SaaS, without the short term transition issues. It gives you better segmentation and simpler deployment (on the client, on the network) than the VPN.

Be safe, work from home, be productive. When you come out of your shells, challenge the status quo. Next time can be better.