Compatibility – or a lack thereof – is a big deal in business. It drives purchasing decisions, vendor selection and software suite adoption. In everyday business, software incompatibility is a matter of losing a feature here or there or having to create a “zap” between pieces of software to get around an issue.
But when it comes to cybersecurity and cyber resilience, the stakes are higher. In these instances, vulnerabilities emerge when incompatibility stalls the deployment of a protective service or leads to the adoption of a subpar substitute. That risk-reward tradeoff may have been okay in years past, but it’s unacceptable with today’s proliferation of cyberthreats and work-from-anywhere business models.
If you’re like most MSPs and work with either an established virtual private network (VPN) or firewall solution, you likely know where this blog is headed – mobile DNS protection. The lack of compatibility between DNS protection suites with VPNs and firewalls used to be a nuisance. Now, it’s a problem. Your clients need protection when employees are working from home, at the coffee shop, in the airport, on the train or wherever they connect.
Cyber Resilience for Today’s Realities
True cyber resilience means solutions adapted for the realities of today, not the realities of 2019. Two big realities:
- Remote work is here to stay, and it’s not just at home; it’s mobile.
- Most MSPs already have VPNs, firewalls and other tools deployed.
In other words, in this emerging “here today, there tomorrow” workplace, your DNS protection suite needs to be compatible with the VPNs and firewalls you already use and capable of protecting employees without geographic or network limitations. That means:
- Empowering users to work on any network, anywhere, while maintaining protection by accommodating a combination of VPN, off-network or roaming users
- Securing those connections with encryption while delivering full visibility into the internet activity of secured users
- Actively blocking inbound threats and malicious web traffic
- Achieving these objectives without harming productivity or slowing DNS requests
Another reality – and a big one at that – is the need for DNS-over-HTTPS (DoH) and compliance with the NSA Advisory on DoH. Any DNS protection solution you deploy should also be future-proofed with DoH.
Because of past limitations, this may sound like a tall order. There are providers out there that will work hard to convince you this is the case. But at least one DNS protection provider already checks all of these boxes, delivering next-generation, fully mobile DNS protection while recognizing that, as an MSP, you may already have deployed VPN and firewall tools. So, it’s not as if it can’t be done. The question is a matter of priority – is your provider just a provider or an actual partner? The answer to that can profoundly impact your business and the level of protection you can deliver to your clients.