Four Common Myths about VPNs
by VPNHaus | 12/07/2017 | Cybersecurity Strategy, Encryption, Endpoint Management, IT policy, VPN
A Virtual Private Network (VPN) is a useful tool that encrypts data before it passes across the public Internet and then decrypts it when it reaches its destination. Rather like shutters on the windows of a house, it shields what goes on inside even though the outside can be seen by everyone in the street.
The process, often referred to as tunneling, is particularly useful for businesses whose workers have to use the Internet in public places like coffee shops or airports. It is also helpful for those who want to keep confidential customer information or intellectual property away from the prying eyes of hackers and spies.
In 2017, the U.S. Trump administration overturned regulations preventing ISPs from making money from users’ browser data. At the same time in the UK, the Investigatory Powers Act served to increased government surveillance of Internet activity in response to a heightened threat of terrorism. Both led to a surge in interest in VPNs.
A VPN is an established technology that has traditionally been seen as the province of technical specialists. Perhaps because of this, and in spite of VPN services becoming easier to deploy, a number of enduring myths persist.
Here are four of the most common myths:
1. All VPNs are the same
No. In an era when all online activity is tracked and logged, the ability to shield one’s data from unwarranted attention is very appealing. The VPN market, however, is no less competitive than any other. A wide variety of services exist from basic consumer-level apps to complex, enterprise-class environments.
Technical capabilities can also vary widely according to a supplier’s business model, network infrastructure and how much they charge. For example, some offer strong data encryption (SSL or IPsec), others weak (OpenVPN or PPTP); some keep minimal data logs while others keep detailed logs which they may sell to third parties; and some use their own server network while others rent their infrastructure or host their service in the cloud.
2. VPNs provide anonymity
No. It is not possible for VPNs, Tor, Bitcoin, proxies or any other form of encrypted messaging to ever guarantee 100 percent anonymity.
In the case of a VPN, data passes through an encrypted tunnel to a server with a common IP address shared by hundreds of other customers of the provider. It is then sent across the open public Internet.
The shared IP address only provides safety in numbers. But as Edward Snowden said a few years ago in relation to mass surveillance, any agency that is prepared to dedicate enough time and resources will eventually uncover one’s identity.
Privacy and anonymity are often confused. A VPN will keep your data private but it will not make you anonymous. What a VPN does do, however, is secure data from casual surveillance and help protect privacy.
3. VPNs affect performance
Not necessarily. A VPN’s effect on performance depends on two things. First, the Internet connection speed. It is not possible for a VPN’s speed to be greater than the speed you get from your Internet service provider.
Second, in what city/country does your VPN reside? It’s important to be able to select from the widest possible range of optimized servers in a variety of locations to help give you the best possible connection speeds. Free VPN service providers often have very few locations to choose from and so are more susceptible to slower speeds than providers with servers in wide variety of worldwide locations.
4. VPN logging is a bad sign
Not necessarily. Some free/low-cost VPN providers have earned a dubious reputation for collecting customer log data and selling it on to third parties.
This has given rise to a fair number of providers advertising a so-called “no log” service. IT admins responsible for a large enterprise infrastructure will know the importance of log data and that having zero log data in your own network is neither feasible nor desirable.
If a VPN service uses hosted or cloud-based servers, this becomes even harder to enforce. In fact, a small amount of data logging can help improve the service. For example, log data can help optimize network connections, improve reliability or troubleshoot specific customer issues.
According to Edward Snowden, companies “should only collect the data and hold it for as long as necessary for the operation of the business.” In the case of VPN providers, they should retain the minimum amount of data needed to operate the business and delete it as soon as it’s not needed.
A business-grade VPN is one of the most reliable ways to ensure confidential company data travels in complete privacy across the public Internet. With a secure VPN connection, mobile workers can connect remotely to company resources in the cloud or in data centers anywhere in the world regardless whether their Wi-Fi access point is inherently insecure.
This type of VPN keeps customer confidential, financial and other sensitive company information private, encrypting the data while replacing the original IP address with a commonly shared one, masking it from the casual surveillance of outsiders.
It also allows IT admins to manage the complex VPN needs of many workers remotely from a single, central control point.
In summary, professional VPN software provides businesses with complete confidentiality for data, enhances employee productivity and protects their privacy while simplifying the management of complex VPN environments.
Among the many VPN offerings on the market, a business-class VPN is the only one capable of standing up to scrutiny in terms of trust, performance, ease-of-use, transparency and reliability.