99% of professionals want to redesign their secure access infrastructure. VPNs, manual processes, and fragmented tools are failing both IT and developers.
Tailscale, the leader in identity-native connectivity and legacy VPN replacement, released their latest research findings:ย Zero Trust Is Dead. Long Live Zero Trust, a comprehensive new report revealing that secure access infrastructure is failing the people it’s supposed to protect. Based on a survey of 1,000 IT, security, and engineering professionals acrossย North America, the research uncovers a fractured landscape of legacy VPNs, slow manual processes, and overlapping tools โ with 99% of respondents saying they want to redesign their company’s access and networking setup from the ground up.
In a finding that underscores the disconnect between policy and productivity,ย 83% of IT and engineering professionals admit to actively bypassing security controlsย in order to get their work done. Equally concerning,ย 68% say they have retained access to internal systems after leaving a previous employer, revealing critical gaps in offboarding and identity lifecycle management.
The data paints a picture of widespread fatigue with legacy approaches.ย Only 10% of professionals say their current VPN setup “works well” with no major issues, while 90% report limitations such as security risks, latency, or operational overhead. Nearly half of respondents (49%) say their access infrastructure is not scalable, and 41% believe it will fail to meet their needs within just two years.
Also Read:ย CIO Influence Interview with Josh Kindiger, President and COO at Grokstream
“Security and productivity shouldn’t be at odds,” saidย Avery Pennarun, CEO of Tailscale. “When developers, engineers, and IT all say the current system is broken โ and worse, start working around it โ that’s a sign the tools need to change, not the people. Zero Trust can solve this, but only if it’s actually implemented as a strategy, not just used as a buzzword.”
Although many organizations claim to be on a Zero Trust journey, the report reveals that most haven’t reached the destination. Justย 29% use identity-based access as their primary model, andย 68% still manage access controls manually, introducing delays and risk. Many companies are juggling too many point solutions:ย 92% use multiple tools for network security, and nearly one-third use four or more.
These operational headaches directly impact teams. More than two-thirds of engineers say IT and security policies actively block or misunderstand their workflows. At companies heavily reliant on VPNs, employees were nearly twice as likely to report broken access or security workarounds compared to those using modern tools.
Despite the challenges, the report also highlights encouraging signs of progress. Nearly half of companies are actively trying to consolidate their toolsets, and early adopters are moving to identity-first architectures and just-in-time access models that offer better security and a smoother user experience. AI and automation are also emerging as key enablers of adaptive policy โ not just detecting threats, but adjusting access dynamically in response to context.
Also Read:ย Confidential Computing vs Traditional Encryption: Key Differences Explained
[To share your insights with us as part of editorial or sponsored content, please write toย psen@itechseries.com]
