Every day, hundreds of organizations are breached in attempts to steal corporate secrets and personally identifiable data. The most prolific attacks end up in the mainstream media. Still, countless data breaches go unnoticed by the media or even by the organizations themselves. I had the opportunity to be part of a roundtable on How to Bring Enterprise-Grade Security Capabilities to SMBs. SMBs can also have enterprise-grade security, Zero Trust, automation, and more without breaking the bank.
The end of zero-day VPN attacks with zero trust
Most organizations are still using VPNs to provide access to internal applications and networks. Unfortunately, VPNs open the organization’s doors to the entire kingdom (internal network). Even when ACLs, rules, and VLAN segmentation are implemented, the chances of a bad actor executing a lateral movement attack are high, especially if there is a VPN config mistake.
To compound the problem, hackers are also targeting zero-day vulnerabilities on VPN servers. In a recently disclosed zero-day attack, not only was the VPN solution compromised, but the vendor itself was also compromised.
In this article I wrote for Citrix, I explain some of the VPN challenges, and I also discuss possible solutions using Zero Trust principles.