Challenge

Kooapps maintains an on-premises environment featuring an array of systems including source code repositories and powerful on-site servers that are used to render or compile code. As a software developer and publisher, protecting the security and confidentiality of the intellectual property housed on this infrastructure is essential to Kooapps.

The onset of the pandemic in early 2020 made access to on-premises resources less easy after employees could no longer access Kooapps’ offices in the wake of public health measures. The pandemic made remote access technology a critical part of the company’s IT infrastructure almost overnight: the company’s continued productivity was now dependent on it. Without remote access, the developers who needed to pull and push code to private repositories multiple times a day would not be able to work, and the product managers who needed to remote desktop into on-site servers to tap into computing power their laptops couldn’t provide would be hamstrung.

Kooapps turned to multiple self-hosted VPN products to provide its team with remote access to their private systems, with VPN gateways in each office being hosted on a variety of hardware routers and macOS servers. However, for a technology that people relied on every day to do their work, Kooapps faced friction in the form of cumbersome configuration and administrative tasks, overhead from maintaining multiple VPN technologies, slower internet connectivity, and inconsistent user experiences – all of which created a drag on overall productivity.

Solution

Kooapps was well-experienced with VPN technology and was not actively looking for a Zero Trust-based solution before it decided to evaluate Twingate. However, while their existing VPN solution was serviceable, they were interested in anything that would improve security, user experience, and administrative workloads – but only if the improvements were substantial enough to warrant the effort required to deploy a new technology.

Understandably cautious about rolling out a new system that would impact many users on a daily basis, a quick, smooth deployment process was another pre-requisite of Kooapps for making any shift away from their incumbent solution.

Additionally, as a mobile app developer, being able to use Twingate (whether as an administrator or end user) on a variety of mobile platforms, in addition to the usual desktop operating systems, was key.

After conducting a proof of concept test, Kooapps decided to move to Twingate. Kooapps identified two primary reasons for making the transition. Firstly, the simplicity of deployment, setup, and maintenance for administrators would save them a significant amount of time going forward. Secondly, a much improved experience for end users over their existing remote access solution was seen to result in greater productivity and satisfaction across the board.

Results

Simplifying the Administrative Experience

One of Twingate’s hallmarks is how it simplifies life for administrators – both in terms of deployment and ongoing maintenance. Solon Chen, Co-Founder & Studio Manager, remarked that his immediate impression of Twingate was that it was “extremely straightforward” and that he “was surprised at how much easier it was to set up than a traditional VPN where you have to go through a process involving creating VPN tunnels, assigning IP addresses, and setting up routes for everyone. Also, different people need access to different things, which is complicated to set up securely with a VPN. That wasn’t the case with Twingate.”

Twingate does not require networking expertise to successfully deploy and, although Kooapps did have in-house IT expertise, Chen observed that Twingate’s simplicity meant that it was also a good fit for smaller businesses who did not have dedicated IT departments: “You don’t need to have someone who knows how to program a router.”

Compared to VPNs, ongoing maintenance is easier with Twingate. Changes in infrastructure and user permissions are easily handled in Twingate’s intuitive admin console. “This is valuable for businesses because it’s normally a headache when resources need to be added or removed,” Chen said. “Even though we’re fortunate to have experienced IT people in our team, everyone still prefers to do things the easy way to save time and effort. Why would you do things the hard way when you can do them the easy way?”

Kooapps also appreciated the fact that deploying Twingate did not require them to completely remove their existing VPNs. Not only did this streamline the deployment process, but it also allowed Kooaps to keep their existing VPNs on standby for redundancy and backup purposes.

Improving the End User Experience

For a company whose mission is to “connect the world through amazing daily experiences,” Kooapps has high standards when it comes to the experience of end users and a mission to which Twingate can relate.

With Twingate, Kooapps was able to offer a consistent user experience across their workforce’s diverse range of operating systems and devices, both mobile and desktop. Twingate’s mobile experience is not a second-class citizen to its desktop experience, which is particularly salient for a mobile app developer like Kooapps. As a result, Kooapps’ employees noted that they liked how the procedure for installing and using the Twingate client app is the same whether they were using it on a phone or laptop. “They just need to download the app, enter their credentials, and then they’re done. There are no special setup processes that are platform-specific for users to follow,” noted Chen. In contrast, the experience prior to Twingate was beset by inconsistency. “Different devices needed to use different setup processes and different tools. Settings and buttons were in different places for different clients, which made it confusing to users.”

Unlike a VPN, which routes all traffic through a VPN gateway, whether it needs to go there or not, Twingate provides split tunnel functionality out-of-the-box, allowing Twingate’s client to be “always on” in the background without degrading internet connectivity. With Twingate, users don’t have to consciously worry about remembering when they need to turn on the client to access a protected resource, or when to turn it off to speed up their internet connection for activities like video calls or personal web browsing.

“With our VPN, we constantly had to think about whether the VPN was on or off. There was a lot of unnecessary traffic going through our VPN servers before, particularly when people started working from home. That’s not the case with Twingate – users just log in and forget about it. Everything just works and they don’t have to consciously think about whether they are connected, which is one less thing they have to deal with each day.”

Strengthening Security

The Zero Trust model of network access that Twingate enables is fundamentally more secure than VPN technology. Transitioning to Twingate allowed Kooapps to establish a stronger, more modern security foundation for its network access infrastructure by making it possible for Kooapps to:

• implement least privilege access through software alone and no infrastructure changes;

• impose two-factor authentication requirements on all access attempts via Twingate’s identity provider integration (something not available with Kooapps’ VPN implementations);

• keep its networks hidden from the internet (unlike VPN gateways, Twingate enables remote access without requiring any network component to be publicly exposed);

• mitigate the scope of any network incursions by limiting the ability for an attacker to move laterally within their network; and

• gain visibility into network activity on a very granular level (logs are indexed based on user and device identities, allowing easy analysis of what’s happening on their network).