VPNs use virtual connections to create a private network, keeping any device you connect to a public wi-fi safe from hackers and malware, and protecting sensitive information from unauthorized viewing or interception. A VPN routes your device’s connection through a private server rather than the ISP, so that when your data reaches the Internet, it’s not viewable as coming from your device.
A virtual network keeps your data private using encryption, which turns your information into unreadable gibberish only decipherable using a key, which is known to your device. Different VPNs use somewhat different encryption processes, but the general process includes tunneling and your data is encoded as it travels between your device and the server, which then decrypts the data and sends it on to your destination, such as a website. The encryption process prevents anyone who may intercept the data between you and the server, such as a government agency or hacker, from being able to decipher its contents.
Two of the best-known and most popular secure network protocols used in VPN technology are Internet Protocol Security (IPSec) and secure sockets layer (SSL). IPSec connections use pre-shared keys on clients and servers in order to encrypt and send traffic back and forth. SSL VPNs use public key cryptography to securely exchange encryption keys.
Use of the Internet is now essential to global business, from shopping to banking to medicine to entertainment. Using Internet services involves transmitting very important information online, including credit card and social security numbers, and personal information, such as medical histories or home addresses. VPNs keep your Internet use safe from prying eyes, and, when used in a corporate setting, help keep business information from getting into the wrong hands.
For businesses, these provide improved security overall, improved remote access, independence from countries with strict Internet access laws, and a better total-cost-of-ownership when it comes to the aggregate costs of security and networking technologies used by corporate teams. VPNs can also provide safe and secure data sharing between employees and with individuals and groups outside of the business when necessary.
It is important to note that these do not make users completely anonymous on the Internet. Internet services requiring a login, such as Google or Facebook, know when you sign in, and websites can still leave cookies on your machine that identify your visits from particular Internet browsers. Anyone with direct access to the devices you use might also be able to view your activity. And law enforcement officials, depending on local legal authority, may be able to monitor your devices directly or require your virtual network service to give up records of your actions.
The following considerations should help guide selection of a VPN service.
Free vs. Paid: Free services are readily available, but often come with significantly limited functionality or a “catch” that makes up for the revenue the VPN provider isn’t making from you directly—such as tracking you online and selling your personal or browsing data to advertisers.
Secure communications protocols: The robustness of security in VPN tunnels depends on which security protocols are used. Be sure to review these protocols with your provider to ensure appropriate levels of security.
Data privacy protection: Provider privacy agreements can vary widely. Does your VPN provider keep traffic logs? Do its servers operate in countries with strict Internet governance laws and/or oppressive governments?
Capacity and scale: Some providers significantly throttle data, or impose limits on servers and other connecting devices. Consult your provider’s terms of service to ensure the right capacity for your business and that your VPN won’t be unduly limited.
Kill switch availability: A kill switch monitors your connection to the VPN’s server, so if the connection drops or fails, your device is automatically blocked from accidental exposure. Consider kill switch functionality a “last line of defense” that keeps your Internet connection blocked until the tunnel can be restored.
Organizations adopting multi-cloud strategies need security-driven networking solutions to deliver a consistent security policy and appropriate access control for all corporate users, applications, and devices regardless of their location, especially at a time of increasing telework and remote network access. FortiGate IPsec and SSL VPN solutions accelerate productivity using high-performance crypto VPNs.
Explore FortiGate VPN