Networking

SDP vs. VPN: What to Consider for Remote Work

VPNs have been a hallmark of working remotely, but as perimeters dissolve in the modern enterprise, alternatives should be explored to support location-free work.

Jonathan Karl

Jonathan Karl is the director of healthcare sales at CDW.

Employers across the U.S., including those in the healthcare industry, shifted to remote work wherever possible during the COVID-19 pandemic.

Though there has been some movement back to the office after more than a year since the first widespread restrictions took place in March 2020, there are still many employees who are logging on from home.

Dartmouth-Hitchcock Medical Center, in Lebanon, N.H., recently announced that as many as 2,000 of its employees, including those in IT, human resources, finance and some clinical secretaries — about 13 percent of its employees overall — will continue at least some remote work after the pandemic subsides.

VPNs can be a key technology for facilitating remote work, but as perimeters continue to fluctuate in response to the pandemic and beyond, organizations should reassess their infrastructure and security needs, especially if they are planning to adopt a zero-trust approach.

A software-defined perimeter is one way to implement zero-trust security. Users and devices must both be verified before they can connect to an organization’s network. An SDP approach can easily integrate with hybrid cloud deployments, and it’s useful for linking remote teams from any location.

As healthcare organizations re-evaluate and prepare their systems for a more digital workspace — one that is not defined by a static location — here’s what they need to know about SDP, how it relates to a zero-trust model and whether their legacy VPN needs some extra protection.

Why Should Healthcare Consider SDP?

With the uptick in remote work during the pandemic, there was a large increase in VPN utilization. But that came with its own shortcomings and created security issues. That’s where SDP steps in, with an approach to authenticate users and devices specific to the network resource they’re trying to access, regardless of location.

SDP is really just another network security architecture. Zero-trust implementations with SDP allow for better defense. Most legacy attacks occur because users are connected to an environment where they can see the other connections that exist in that network. SDP focuses on hiding or concealing IT assets from the view of anyone on the network.

Where VPN capabilities end, SDP enters with a better, more reliable user experience, whether the user is connecting to the data center or accessing the cloud — and no matter where they are working.

Implementing SDP with a zero-trust mindset improves the overall security position by filling the gaps that have grown over the past two decades with legacy VPNs. Though SDP could potentially replace VPNs in the future, when they’re used together in a zero-trust implementation, it offers the best security posture possible at the moment.

What’s the Impact on Remote Work?

The pandemic upended many healthcare IT protocols. The digital perimeter was redefined to meet patient needs while protecting important data and providers. The perimeter that healthcare organizations had been building for years had to adapt with the mass proliferation of mobile devices — from smartphones and tablets to laptops — used outside hospital walls.

Organizations have had to rethink their perimeter, and VPNs may be limited in ensuring a secure environment.

Employees in healthcare handle a lot of sensitive data. SDP tightens secure remote access for all users, and layering the architecture over existing VPN investments can help organizations scale rapidly in a cost-effective way, ultimately helping them reduce the risk for new attacks.

Because SDP and VPN technologies can work together, healthcare IT teams don’t have to worry about making a sudden switch. Layering VPN with SDP and a zero-trust approach will give organizations the most effective security currently available.

This article is part of HealthTech’s MonITor blog series. Please join the discussion on Twitter by using #WellnessIT.