Telecommuting is the future of work. Or at least that’s how some today see it, such as Forbes Magazine. However, remote work means less-monitored work spaces which presents some cybersecurity issues. That’s why many companies opt for using a VPN which creates a more secure work environment, no matter where employees work from; but this can be a double-edged sword.
What is a VPN?
VPN stands for virtual private network. Simply put, it’s a private network created on the internet or within another network. In other words, it allows for a company and its employees to privately connect with each other through the internet while excluding access from third parties.
VPNs protect information on servers whether they be third-party servers or owned by the company. It is as if the devices were physically connected to the network, despite being connected remotely. Thus it offers some advantages while maintaining a safe connection. However, like any other type of network, VPNs have their weak points.
Pros and cons of VPNs
When a company chooses to use a VPN, a fairly common practice today, the pros and cons of doing so must be taken into account. One advantage is a controlled environment can be created, guaranteeing data privacy. Another pro is there is less of a risk of suffering an attack, so long as the VPN follows strict security guidelines. Also, VPNs are easy to operate once set up.
However, there are some key points to remember which could endanger the network. When choosing a VPN service, it is important to go through a reliable provider, since they will be in charge of security and will have access to all information transmitted over the network. Another thing to keep in mind is that all VPNs are subject to common network attacks.
Key points to remember
When using a VPN, one should focus on three fundamental aspects. Firstly, the correct protocol should be chosen. There are many to choose from, including:
- L2TP: Layer 2 Tunneling Protocol. This protocol was designed by members of the IRTF, improving upon PPTP and L2F. There are many varieties of data packets used when transporting L2TP traffic, such as X.25, Frame Relay and ATM. L2TP includes authentication methods PPP, PAP and CHAP. It can use the protocol suite IPsec to encrypt each IP packet. It is currently one of the safest available options.
- SSTP: Secure Socket Tunneling Protocol. This encrypts traffic with the Transport Layer Security (TLS) cryptographic protocol, also making it one of the safest VPNs.
- IKEv2: Internet Key Exchange version 2 is a VPN protocol developed by Microsoft in collaboration with Cisco. It is used along with IPSec in many mobile devices. This protocol, while safe, has been violated on various occasions by the NSA, highlighting significant security flaws.
- OpenVPN: This is one of the most used open-source protocols. Some of its advantages include its encryption (AES-256 bit and 2048-bit RSA) and the fact that it is available for almost all platforms, which has made it popular in recent years.
The second essential aspect is having good encryption. This depends on the connection speed, and more importantly, on data integrity. Solid packet encryption and strong authentication are vital to safeguard information on a VPN.
The third aspect, which is often overlooked, is network configuration. It is crucial to make sure the network works properly. Special attention should be paid to network segmentation. Weak segmentation will cause overlapping and could give users access to parts of the network they should not have access to, implying additional security issues. Therefore special attention should be paid to segmentation, both with hired services and company-owned servers,
In addition to all this, one should remember that VPNs encounter the same security problems as any other network. That’s why it is recommended to follow security recommendations, such as those from the UK National Cybersecurity Centre(NCSC), and prevent any meddling with an advanced cybersecurity solution such as Panda Adaptive Defense. By foregoing these measures, you could find yourself facing big problems rather than a solution.