I am certain that many people are familiar with the concept of a VPN or virtual private network. They are used to gain access to a corporate network while traveling or at home. I would assert though that few are familiar with the growing market of personal VPN providers who target non-commercial entities and individuals.
According to Orbis research Statista:
This emerging market has many players. Understanding which to use can be quite confusing to someone who is not well informed on the topic.
We will explore the concepts of how they differ from the often-provided corporate VPN’s. As well as discuss how to use them to protect your private information aside from how the company protects itself.
Most business travelers do utilize corporate VPN connections to gain access to company files and services. When the traffic is not destined to the business networks, the traffic is not tunneled back to the home office. This configuration is called split tunneling.
It is a very common configuration. Network engineers configure this so that users will not saturate the VPN concentrators with YouTube, Netflix and other non-business-related traffic. Additionally, as business travelers it is incumbent on us to use company assets such as bandwidth in a manner which is in line with our companies’ policies.
Most if not all personal VPNs use a client-based software to encapsulate and encrypt the traffic. This makes it very hard to unscramble if someone is capturing data from an open network.
The other mechanism used is to proxy the traffic to a third party where it is then sent to the eventual destination. The proxy or redirect mechanism ensures that the transmitted information doesn’t contain the public IP of the coffee shop or public network but the source IP address of the proxy service. This is important when connecting to financial institutions that monitor the public IP address that you normally connect from.
If for some reason another person attempts to connect to your bank account through the bank’s web portal, the bank would notice that it is not the normal public IP address that you would typically connect from and disallow the login attempt.
Firstly, who should use a personal VPN? The answer is anyone who regularly uses free and open Wi-Fi at public places. Anytime you connect to the coffee shop Wi-Fi or to a hotels guest network connection, you are often at risk of someone intercepting the unencrypted traffic you are sending and receiving. This vulnerability has existed for many years and is called a, “man in the middle attack”.
This sort of intrusion used to be carried out by very skilled hackers but these days the attack is very well documented. Toolkits to exploit these common scenarios are being used by very unskilled characters.
Personal VPNs circumvent the vulnerabilities of open networks by using encapsulation and traffic proxying so that the connection is more secure and free from prying eyes.
Good rules to live by regarding when you should use a VPN include:
If any of these conditions exist, I would recommend using a personal VPN to protect yourself. The many protective and anonymizing mechanisms that the VPNs employ would allow you to safely transmit and receive any data without the risk of intrusion.
I will not make any direct recommendation since at Zunesis do not sell these products directly. We can help with the implementation of them if requested. I would recommend that you find a solution that does satisfy the conditions I have covered.
This article from PCMag.com gives a great overview of how VPNs work and how each VPN company compared to the others.
At Zunesis, our expertise and offerings focus on corporate VPNs and other firewall services. We find it equally important that our clients and partners understand the risks involved when not utilizing some protective measures when they connect to open public Wi-Fi systems.
We have all heard of the unlucky Hollywood stars who have had their personal accounts targeted or hacked at great expense to themselves. Reputations are very important in business and in private life. Remember that the weakest link is not the traffic we monitor, it is the traffic we do not.