Other technologies that are relevant to this discussion is Cloud and Software as a Service (SaaS), along with implementing parts of Zero Trust (https://threatpost.com/practical-guide-zero-trust-security/151912/), which doesn't rely on perimeter oriented defenses like VPN. Some companies have moved to using SaaS where techniques like authenticating client hosts and authenticating users on a per application basis provides security without needing to go through a VPN. This can also provide a better user experience. A high level example of this is described here: https://www.cio.com/article/3540490/how-intel-it-transitioned-to-supporting-100-000-remote-workers.html