What is a VPN?
Virtual Private Network Software and Services Explained
In 2010 approximately 1.2 trillion gigabytes worth of data was created, moved and modified worldwide. By 2020, this number rose nearly 5000% with 59 trillion gigabytes leveraged across the globe.
The challenge? Keeping all this data secure.
With cyberattacks on a consistent upward trajectory over the last decade as malicious actors leverage both familiar phishing attacks and develop new ways to infect systems and hold data hostage, businesses need proactive protection that helps reduce the risk of attack — instead of picking up the pieces after the fact.
Virtual private networks (VPNs) can help.
But what exactly is a VPN? How does it work, and what benefits does it offer for your business? Here's what you need to know about virtual private networks, software and services.
What is a VPN? What it Does and How it Works
The purpose of a VPN is to keep your data safe during transit. While many companies have encryption protocols in place that defend data at rest, motivated attackers are now capable of eavesdropping on data in transit to examine or exfiltrate key information. This is especially problematic if your business is sending and receiving data governed by compliance regulations such as HIPAA, GDPR or CCPA — if financial, legal or medical data is compromised between sender and receiver, your company may face steep fines, legal challenges and potential reputation damage.
VPNs solve this problem by creating an encrypted "tunnel" between sender and receiver. This tunnel can stretch between any two points, allowing the secure transfer of information over the Internet at large, via internal corporate networks or a combination of both. Data packets being transferred are encapsulated in an encrypted, outer packet shell which then travels along the tunnel created by your VPN service or software. When data reaches its destination, the outer shell is removed via decryption, allowing recipients to view the original data packets.
There are two broad types of VPNs: Site-to-site and remote access. Site-to-site VPNs provide a secure connection for one user between two points — such as a remote worksite and a corporate network — while remote access solutions use VPN gateways that allow multiple, secure user connections simultaneously.
Benefits of VPNs
VPNs offer multiple benefits, including:
Every packet of data sent via a VPN is wrapped in an outer, encrypted packet layer and then sent through a secure tunnel connection. Paired with robust encryption at rest, VPNs can help reduce the total attack surface of your digital assets.
When using a VPN, your location and online activities are obfuscated. Even if attackers manage to eavesdrop on your connection, they'll only see your VPN provider's location and won't be able to track what you're doing online, where, or for what purpose.
VPNs also help streamline security because they're simple to set up and deploy. No extra steps are required for users to encrypt and secure information — everything is handled by VPN software itself. IT staff can also set up always-on connections that further streamline the process by providing automatic security for in-office users.
VPNs and Privacy
VPNs offer increased privacy because they don't just encrypt your data, they also obfuscate its source. This means that when would-be attackers attempt to discover what you're doing online or what type of data you're sending they're not only met by robust encryption, they also have no idea where your data came from or what you're doing online. Malicious actors see the location of your VPN provider — which could be in another city, state or country — instead of your actual location.
VPNs and Identity Theft
VPNs can also help reduce the risk of identity theft. Consider the case of personal data sent from staff to HR teams via corporate network connections. If attackers can compromise and steal this information, they could use it to impersonate employees and open new credit cards or bank accounts, make fraudulent purchases or sell this information to other nefarious actors. Compromised data could also be used to access business networks and deploy malware or ransomware tools undetected.
VPNs help frustrate attacker efforts with robust encryption. Even if threat actors can get their hands on personal or professional data, effective encryption renders it useless — they're left with nothing but digital gibberish that offers no actionable value. The caveat? To consistently reduce the risk of identity theft, businesses must ensure that all staff connections are routed through VPN software or services.
Popular VPN Use Cases
Some popular VPN use cases include:
- Remote work access
With many employees now working from home or on the road, secure access anywhere, anytime is critical. VPNs help ensure that no matter what network employees are using, their connection with protected business servers is secure.
- Secure file transfers
Sending files over email is a common point of compromise. VPNs, meanwhile, offer a secure alternative for secure file transfers that obfuscate and encrypt information end-to-end.
- Cost control
Evolving security threats mean that businesses are under pressure to defend key data anytime, anywhere — and this can quickly get expensive. VPNs, meanwhile, offer a protective combination of predictable costs and improved security performance.
VPN Software and Services
To access the benefits of virtual private networks, you'll need VPN software or services.
VPN service providers are now commonplace, with a host of free and for-pay options available online. Differentiators include the type of encryption protocol used — OpenVPN and IKEv2/IPSec are common solutions — and how much information your prospective provider collects about your network and data while in use. It's worth doing your research on VPN providers to ensure you select a reputable, reliable service that doesn't inadvertently increase your security risk.
It's also possible to run a VPN yourself — so long as you have the right software. Solutions such as Netgate pfSense® Plus or TNSR® provide total control over the VPN experience by allowing you to tailor granular permissions, customize user roles and scale packet processing to meet your needs, in turn offering substantive cost savings over time.
It's worth noting that pfSense Plus and TNSR are designed for different use cases. While both are based on Open Source code, pfSense Plus supports both site-to-site and remote access VPN connections, and performs well on connections up to 10Gbps, depending on average packet size and level of encryption. TNSR, on the other hand, focuses on blazing fast site-to-site VPN connections capable of scaling to 100 Gbps or more, and is far more impervious to average packet size and level of encryption.
Keep it Secret, Keep it Safe, Keep it Simple
VPN services and software offer reliable, affordable ways to defend business data and reduce total risk. When it comes to choosing your best fit, however, it's worth asking the question: Who's in the middle? While as-a-service providers promise top-tier security, it's difficult for businesses to know if they've selected the right partner until something goes wrong. With software-based roll your own solutions, meanwhile, you can skip the middleman to gain total control of your data and reduce overall risk.
Your data. Your choice. Your VPN. From automatic obfuscation to robust encryption and ease-of-use, a roll your own VPN solution can help your company keep data secret, keep users safe, and keep access simple.
Ready to improve your data security process? Contact Netgate to start a conversation and learn more.