A VPN or Virtual Private Network is a secure method of connecting a remote computer or other devices to a server.
With a VPN you can unblock almost any website that limits access based on IP address, and bypass filters to reach your favourite sites any time you want. This makes it ideal for restricted public Wi-Fi hotspots, or watching Let’s Play videos on YouTube at work (although don’t tell your boss it was our idea).
In this guide, we'll first show you the best VPNs for your needs, then how to set them up and keep them working well.
VPN checklist
From a simple browser-based VPN that uses SSL, to more complex systems, there is a VPN for every need. Use this checklist to help guide your decision-making:
1. Perform a data audit to assess the VPN features that are needed
It is important to understand who will connect together using a VPN, and what kind of data they will exchange. This will guide your business to the right VPN protocol to use.
2. What kind of internet connection does your business have at the moment?
VPNs can easily use large quantities of bandwidth, so ensure your business connection can cope with this additional traffic. And don't forget you'll need static IP addresses to avoid the need to set up a new VPN each time a connection is required.
3. The maintenance of a VPN is vital to ensure it stays secure
It is essential to focus on the security aspects of the VPN connection. As a VPN could be in front of or behind a firewall, its security is of paramount importance. Antivirus software should be in place and up-to-date.
4. How to use public Wi-Fi and VPNs
If your business just wants to securely connect its workforce together when they are using public Wi-Fi, this is possible with a number of applications including HotSpot VPN and WiTopia .
5. Ensure that any VPN client is secure
A VPN will use its own client to make the connection to another device or server. The user ID and password will be stored on these devices, which of course could be stolen. Use a personal firewall, or a password on the computer's BIOS to prevent unauthorised personnel using the VPN client if the device was stolen.
Steve Roberts, service development manager at business communications provider Vtesse Networks , advises: "When setting up a VPN, organisations must ensure that their provider meets basic security standards such as ISO 27001, which may be required for governance purposes and data protection obligations.
"This is certainly true for PCI certifications too. If the organisation is handling credit card information, it can't afford to fall short when it comes to meeting these regulations."
- The 5 best VPN services of 2017
As with all services you buy for your business, not all VPNs are the same. It is important to spend some time choosing the right VPN, as your business will rely on its efficiency as well as its data encryption ability on a daily basis.
Using a VPN allows two computers to make a secure connection to each other. The connection uses special protocols to establish a temporary bridge between the two machines. The data that travels over the bridge is encrypted.
The address of the recipient is in view so the data can be delivered, but the content of the message is completely hidden during transmission over the VPN. Businesses often also use VPNs to connect servers located in different offices giving employees seamless – and of course secure – access to the files and other assets (such as printers) they need to use.
Server room
Network protocol
Before setting up a VPN, the type of network protocol has to be chosen. There are four to consider:
SSL (Secure Socket Layer)
This protocol will be familiar if you shop online or do online banking. SSL is the encryption that these services use. For very small businesses, SSL is ideal as the VPN is set up via an internet browser.
Open VPN
If cost is an issue, this VPN is based on open source SSL code but as its name suggests, the code can be seen – and potentially hacked – by anyone.
PPTP (Point-to-Point Tunnelling Protocol)
This is the latest type of VPN. It is supported natively by Windows , Mac OS X and mobile operating systems, which makes it ideal in the brave new world of BOYD and WYOD where personal devices need to be secured.
IPsec (Internet Protocol Security) and L2TP (Layer 2 Tunnelling Protocol)
These VPNs are inherently more secure than PPTP, for instance, but are more complex to set up.
Surface
If you just need to quickly set up a VPN and are using Windows 8 , the operating system has a wizard that walks you through the process. You will need the IP address or the domain name of the computer or server you want to connect to. Note that Windows only supports PPTP and L2TP/IPsec protocols.
And if you choose to use the PPTP protocol, you must ensure the network router is set to forward VPN traffic. There should be instructions on how to do this in the router's manual.
Also, for a VPN to operate effectively, static IP addresses must be used. Some businesses will use dynamic internet connections, which means a new VPN has to be established each time any computers or other devices want to make a secure VPN connection. This isn't ideal and certainly not very efficient for employees working away from their main offices, where they can obtain IT support.
Check the SLA
There are a number of VPN services to choose from. Many of these are free at least for their basic features, which in many cases will suffice for small business needs. However, pay close attention to the SLA (Service Level Agreement) that is attached to these services. Often you will be giving your agreement to see adverts and other annoying content.
As Steve Roberts explained to TechRadar: "The multitude of service providers can be confusing so defining your business requirements beforehand helps to narrow down this list. It will also ensure the business gets the SLA they want, with the right availability, repair time and performance guarantees.
"Some of the providers which lead on price alone offer little more than consumer/residential broadband services – this is probably not suitable for organisations looking for a more robust VPN service."
Leading VPN suppliers include:
- Private Internet Access
- Hotspot Shield Elite
- ProXPN
- CyberGhost
- HideMyAss
- F-Secure Freedome
- NetMotion Wireless
- TorGuard
- Private Tunnel
- NordVPN
Understanding your organisation's precise needs before choosing a VPN service provider is critical. With so much choice available, taking the time to evaluate VPN services on a shortlist will enable your business to see how each platform would be implemented across your company.
How businesses operate these days, with dispersed workforces that require round the clock access to data, has meant a shift in how data is managed. The cloud has of course impacted on how information can be saved and accessed from any location. But should we look at data security differently? This is the question Google is asking.
Traditionally the first line of defence a business would have against cybercrime would be its firewall. Erected to protect sensitive data behind it, this barrier technology has existed for decades. Google is now arguing that with the cloud dominating business, that security should move to this space. Google explains in itspaper , BeyondCorp: A New Approach to Enterprise Security:
"Since the early days of IT infrastructure, enterprises have used perimeter security to protect and gate access to internal resources. The perimeter security model is often compared to a medieval castle: a fortress with thick walls, surrounded by a moat, with a heavily guarded single point of entry and exit.
"Anything located outside the wall is considered dangerous, while anything located inside the wall is trusted. Anyone who makes it past the drawbridge has ready access to the resources of the castle.
"Google's BeyondCorp initiative is moving to a new model that dispenses with a privileged corporate network. Instead, access depends solely on device and user credentials, regardless of a user's network location – be it an enterprise location, a home network, or a hotel or coffee shop. All access to enterprise resources is fully authenticated, fully authorised, and fully encrypted based upon device state and user credentials.
"We can enforce fine-grained access to different parts of enterprise resources. As a result, all Google employees can work successfully from any network, and without the need for a traditional VPN connection into the privileged network. The user experience between local and remote access to enterprise resources is effectively identical, apart from potential differences in latency."
Chicago techstop
Efficiency and transparency
There is no doubt that the cloud will continue its rise to dominance across the entire business landscape. Current security measures that seek to erect barriers to information access, or create securely encrypted tunnels to connect mobile devices will continue.
The perceived security issues with the cloud do persist, but these are receding. Google's vision of a new security environment is ambitious but could deliver the efficient and transparent security that all businesses need.
0 comments:
Post a Comment