Virtual private networks (VPN) help businesses make all aspects of their internet or wide area network use more secure. However, there is a great deal of misunderstanding as to how VPNs help. From ‘tunnels’ to ‘secret passageways’, we have read many an intriguing analogy to describe VPNs – but none of them explain their utility clearly or how a business should deploy a VPN. In this article, our IT security consultants explain how business VPN works.
What does a VPN do?
A VPN is basically a connection to a server. Once your device is connected to a VPN, you are no longer interacting directly with the internet/cloud service. Essentially, all network traffic from your computer, tablet or smartphone, is sent to a dedicated VPN server which performs the request.
Here are four basic things a business VPN enables:
- Privacy on the internet – all internet/network traffic routed through a remote server
- Protection from cyber threats – Malware and hacking attempts will be screened by the VPN
- Secure remote access – Access business resources and files while restricting unauthorized access
- Data encryption – Data transmitted between your device and the server will be encrypted
Consumer VPNs only routes web traffic over remote servers, there is no data encryption or secure access.
How does a VPN protect your business?
VPNs offer an advanced layer of security for your business and employees. It keeps your information secure while working over a remote network connection. This can be while using public Wi-Fi in a café, when connecting to another business’s network, enabling remote connection for off-site workers, and even for employees in the office. Our IT Security Consultant tells us that VPNs with data encryption will protect you from:
- Wi-Fi spoofing
- Firesheep
- Wi-Fi data scraping
- Geo-blocking
Best Practices for Deploying VPN for Business:
Exactly how a VPN is to be deployed for business depends on the needs of the business. Discussing it with experienced IT security consultants is the best way to keep your VPN setup simple. We have seen too many organizations incorporate VPNs in a way that makes their IT overly complex or reduces the effectiveness of the virtual network.
Our IT business consultants help business owners and CIOs in Kitchener find the right VPN setup that’s suitable for their infrastructure, needs and budget.
Static IP
Many business cable and DSL internet connections use dynamic IP, which means the IP address changes from time to time. This has two effects. First, it means the VPN cannot be configured to be as secure as possible as it cannot isolate a single IP. Second, your remote employees will not be able to connect to your VPN if they don’t have the most up-to-date IP address. Speak to your managed IT services provider and have your connection changed from a dynamic to a static IP.
Firewall hierarchy
Since all your data will be routed through a dedicated VPN device (whether on-site or off-site), your firewall may become redundant. An IT business consultant will be able to advise you how your firewall should be configured. Connecting a VPN behind your own firewall may not only make the setup more complex, it may add no value. If you are relying on your VPN firewall, make sure it follows the same or higher standards than what your business uses currently.
IPSec VPN
The IPSec VPN is essential for enabling connections from remote devices. An application on the remote device (a smartphone, tablet or computer) allows connection to your company’s VPN server. What it means is you, or your IT Security Consultant, can configure the server to receive only those connections that meet security criteria, such as username and password logins and specific IP addresses. An additional layer of security can be included by connecting the remote device to a separate VPN which redirects to your business’s VPN.
SSL VPN
For a ‘clientless’ solution, SSL VPNs are a great option. The remote device visits an IP address or URL using their web browser. There they enter login credentials and are given the option to connect to a VPN. A small applet is downloaded to the device and enables the VPN connection. Depending on how the SSL VPN is configured the applet can be persistent (it doesn’t need to be downloaded again) or it can be session-dependent only. It’s perfect if you need to enable remote access for clients and consultants.
Speak to an IT Business Consultant About Your VPN
Call EMKAL to speak to an expert managed IT services team. We work with many businesses in Kitchener to deploy, manage and monitor their VPN network. VPNs offer an excellent layer of security with little or no impact on a business’s workflow.