Zscaler Blog

Move from a Star Trek Approach to a Star Wars Approach: Zero Trust Alternatives to VPN for State and Local Government

ADAM FORD, ROB CHEE
January 29, 2025 - 4 min read

VPNs have long provided an option for connecting to secured networks. However, in today’s cloud-based, application-centric IT environment, VPNs simply do not match the reality of security threats.

VPNs were built primarily for connectivity, with security an added element. In practice, VPNs work like the Star Trek transporter – moving users from one location to another. Once there, they can move wherever they like until it is time to be beamed back up to the ship. This unfettered access is a huge security risk while also slowing access to modern applications needed for daily operations. 

In contrast, zero trust architectures act more like FaceTime or the Star Wars Hologram. The user is never actually on the network, but they can communicate with and be seen by the applications and data they need to complete their job. 

Zero Trust Remote Access

In a Zscaler webinar, we talked through the benefits of moving to zero trust for remote access over the use of VPNs for state and local government. The discussion answered several key questions.

  • What does zero trust mean to you? The term is used and abused by many vendors (just as Cloud and AI were when they emerged on the IT scene). At its heart, zero trust is a new philosophy in networking that prioritizes identity and limits access to only the needed applications at the needed time. Zero trust is a response to ransomware threats. Because it does not offer a wide-open door to networks, it eliminates the ability of bad actors to move laterally and disrupt the full operations of an organization.
  • What are common fallacies of zero trust? You do not need to have your whole IT house in order to get there. You can start where you are. In fact, as part of the process of moving to zero trust, you are going to gain visibility into who and what is on your network. You’ll gather the information you’re missing. There will be a learning curve and an upfront cost, but compare that to the reality of VPN costs. When you look at the costs associated with the hardware, the maintenance of those devices, and the software that runs on them, the long-term benefits of zero trust platforms are clear in terms of future scalability.
  • What are the best practices in implementing zero trust? The CISA Maturity Model 2.0 provides a great benchmark for you to judge where your biggest security gaps are and plan your path forward. You cannot adopt all of the features in one day, so prioritize the areas that will make the biggest impact on your security posture and those that will most benefit your operations. VPN can be low-hanging fruit for starting your zero trust journey.

Zero Trust for State and Local Government

State and local government agencies face unique challenges when it comes to securing their networks. These entities often deal with sensitive information, from social services to public health data, and are prime targets for cyber-attacks. In addition, users access internet-facing and private applications through many different devices from many locations. Traditional VPNs, while once a staple of remote access, are increasingly inadequate in this high-threat environment. State and local agencies relying on VPNs experience:

  • Broad Access and Security Risks: VPNs grant broad access to the network. Once inside, users can move laterally across the network, accessing sensitive data and systems.
  • Performance Issues: VPNs can slow down the performance of cloud-based applications, which are essential for modern government operations, leading to inefficiencies and reduced productivity.
  • Complex Management: Managing VPNs, especially in large government agencies with numerous remote users, can be complex and resource-intensive, including hardware maintenance, software updates, and ensuring compliance with security policies.

Moving to a zero trust approach allows for pinpointed access to the right applications by the right people at the right time, offering a more secure and efficient alternative to VPNs. The move to zero trust is a cultural shift for IT and security teams requiring new tools and architectures. Agencies looking to change their security approach should consider:

  • Starting with Remote Users: Transitioning remote users to a zero trust model can provide immediate security benefits and serve as a pilot for broader implementation. This approach allows agencies to develop and refine zero trust policies in a controlled manner.
  • Leveraging Existing Frameworks: Utilize frameworks like the CISA Maturity Model 2.0 to guide the implementation process. These frameworks offer best practices and benchmarks to assess progress and identify areas for improvement.
  • Focusing on Scalability: Zero trust models are inherently more scalable than traditional VPNs. As state and local governments continue to expand their digital services, a zero trust approach can grow with them, providing consistent security and performance.

To learn more about how to make the VPN-to-zero-trust switch, check out our webinar. The insights and strategies shared can help state and local governments enhance their security posture and improve operational efficiency.

 
