Avatar

In collaboration with Bethany Duffrin

Saving 30 seconds doesn’t sound like a lot until you imagine several 30-second savings per day, multiplied by weeks, months, and years. Across an enterprise, saving seconds can even amount to hundreds of thousands of hours saved per year. We know it’s true because we’re one of those enterprises.

More than 80,000 Cisco employees and half as many contractors authenticate for VPN access daily. With an average connection time of 30 seconds, the potential time savings are dramatic. This translates to close to a half-million hours saved per year — simply by eliminating the time required to authenticate users for virtual private network (VPN) access.

Our Cisco IT Customer Zero team is always testing and improving the Cisco products that our employees are using, to both keep our company safe and secure as well as maintain a smooth, seamless user experience. So, when we received feedback from colleagues about the time it takes to connect to our VPN due to authentication verification, we knew it was time to improve the user experience.

Picture the following scenario (it’s likely not difficult and all too relatable): You’re sharing your screen with a customer during a Webex meeting. You need to pull up a presentation stored on the network, but suddenly realize you aren’t connected to the VPN. You struggle to make small talk while trying to remember the password that you just changed due to the company’s password rotation policy. You somehow manage to remember that you stored the long string of incorrigible characters on a post-it. Now you enter it and wait to perform multi-factor authentication.

What if, instead, you were automatically signed into VPN without having to check a box or enter a password?

Enter passwordless VPN authentication!

Passwordless VPN authentication is certificate-based and deployed via Cisco’s Device Management suite, which is offered only to Cisco employees. Once your device is registered and you start a VPN session, your certificate automatically validates your credentials (for Window and Mac users) and authorizes your network access without requiring you to do anything. After you’ve successfully connected, a final multi-factor check ensures your device is properly managed before allowing access to the network.

Authentication screen
Figure 1: VPN Authentication Image and VPN Posture Check

With passwordless VPN authentication, Cisco IT enables a better user experience while enhancing security with phishing resistant authentication.

In August 2022, Cisco IT began introducing certificate-based authentication in addition to the legacy, on-premise SSO solution. Since then, approximately 53,000 unique users have adopted certificate-based authentication – a number Cisco IT expects to rise as more users migrate to this cloud-based solution.

With one click to connect, significant time savings, and a more secure experience, passwordless VPN is a no-brainer for Cisco employees.

Now, imagine what you can do with all those extra minutes! Stay tuned for more security announcements in the next months.