In the context of rapid global digital transformation, the growing demand for secure remote access to internal enterprise systems led to the emergence of Virtual Private Network technology in the late twentieth century. Initially, VPN was designed to replace costly leased lines, enabling a limited number of users to connect remotely to internal systems over the Internet while maintaining essential security.
Over time, alongside the rise of flexible work models, multi office operations, and multi cloud environments, VPN has become a core connectivity infrastructure for most enterprises. However, its approach of granting broad network access after initial authentication has revealed significant limitations. Once a user or device is granted VPN access, they are often able to reach a wider range of resources than necessary, significantly increasing the attack surface and the risk of deep system intrusion.
After more than three decades of development, traditional VPN based security models are increasingly showing inherent weaknesses. VPN systems often struggle to scale, require substantial investment and operational costs, and place heavy burdens on IT teams due to their complexity in configuration and access control. Notably, according to reports in 2025, ninety percent of enterprises acknowledge difficulties in operating VPN systems and express an urgent need to redesign their access and connectivity models toward more secure approaches.
In response to these challenges, Zero Trust Network Access has emerged as a new paradigm in network access management. Unlike traditional VPN, ZTNA is built on the principle of never trust by default, requiring continuous authentication and verification for every connection, regardless of whether users or devices are inside or outside the network. Access is granted strictly on a least privilege basis, aligned with specific roles and responsibilities. This enables enterprises to enforce granular access control, reduce the risk of external breaches, and minimize potential damage even when incidents originate internally.
Globally, ZTNA is increasingly recognized as a foundational step toward implementing Zero Trust architecture, which is becoming a dominant trend in modern cybersecurity strategies. In Vietnam, VinCSS Internet Security Services JSC is among the pioneers researching and developing solutions based on this approach. At the end of last year, VinCSS officially introduced ZQTA, a next generation Zero Trust Quantum-Ready Network Access platform.
One of the key highlights of ZQTA is the integration of FIDO2 passwordless authentication, enabling users to verify their identity securely and conveniently with a single touch. As a result, even with the continuous authentication requirements of Zero Trust, user experience remains seamless, eliminating reliance on passwords and significantly reducing the risk of credential theft.
In addition, VinCSS incorporates post quantum cryptographic algorithms into the ZQTA platform to ensure long term data protection. In the face of emerging threats such as “Harvest Now Decrypt Later”, where attackers collect encrypted data today with the intention of decrypting it using quantum computers in the future, adopting quantum resistant security mechanisms is a strategic move that strengthens enterprise resilience against future risks.
To support enterprises in adopting Zero Trust without replacing their entire existing hardware infrastructure, ZQTA is designed as an integrated solution combining both software and hardware. This approach extends security capabilities even to legacy IoT devices that typically struggle to meet modern security standards, enabling them to become part of a unified ZTNA ecosystem. As a result, the transition to a Zero Trust model can be implemented in a flexible, secure, and cost efficient manner.
The shift from VPN to solutions such as ZQTA is not merely a technological upgrade but reflects a fundamental transformation in security mindset, from implicit trust to identity and context driven control. As cyber threats continue to evolve in sophistication, selecting the right access model will play a critical role in safeguarding digital assets and ensuring sustainable business operations in the digital era.
