What is a VPN?

What is a VPN?

A VPN, or a virtual private network, is a service that protects your internet connection. It encrypts your data, protects your online identity by masking your IP address and allows you to use public WiFi hotspots safely.

VPNs create a private, encrypted network within the public network providing an extra, and known, layer of security and privacy.

What Are the Types of VPNs? 

Different types of VPN services link you to a VPN server. A server stands between your device and your desired web service. 

  • Personal VPN 

A personal VPN, also known as a “consumer” or “commercial” VPN, refers to services meant for personal use. Reputable personal VPNs encrypt your connection and hide your online identity. They allow you to change your geographical location, ensuring your individual security isn’t compromised. 

  • Remote access VPN

A remote access VPN, also called a client-based VPN or client-to-server VPN, enables you to connect your device to a private network outside your organization’s office. VPN encryption is used to protect and secure data as it travels to and from the private network.

  • Site-to-site VPN

A site-to-site VPN connects multiple networks in different locations. For example, if a company has two office locations, a site-to-site VPN could be used to connect them to the central office location. This type of VPN is often used by organizations with several locations in different parts of a country or the world. 

  • Mobile VPN

A mobile VPN may be a better option if you don’t have a stable connection on the same network for the duration of your session. With a mobile VPN, the connection is maintained even if you change WiFi or cellular networks, lose your connection or turn off your device. 

What Are the Benefits of Using a VPN?

The term “virtual private network” might sound intimidating, but VPNs are e easier to use than you might think. A VPN can help both individuals and companies of all sizes. Traveling and using public WiFi, transmitting sensitive information, or simply enjoying Netflix entertainment options can all be done more safely when using a VPN.

  • Avoid bandwidth throttling

Bandwidth throttling happens when your internet speed is intentionally slowed down by your internet service provider (ISP) or someone else who has control over how your WiFi network performs, such as a network administrator. Bandwidth throttling typically occurs with data-intensive activities like gaming, streaming and torrenting online. Throttling can also happen when you reach your data usage limit. 

Because bandwidth throttling is sometimes triggered by the sites you visit or the type of activity you engage in, if your ISP cannot see the data flowing to and from your device, they cannot throttle it. However, they may still throttle your data at certain times of day to free up bandwidth.

  • Protect your online activity

An application or website can track your online activity without your knowledge. It can analyze the information gathered and use it to target you with advertisements. Without a VPN, you could face unwanted pop-up ads, which can disrupt your browsing experience.

  • Secure connection for remote work

As more people transitioned to working from home, sensitive company and customer information has become more vulnerable to theft.

Assume an employee connects to a work computer on a public network without using a VPN – because the employee did nothing to conceal their information, anyone on that public network could theoretically gain access to the internal company network.

Unrestricted access to company files and customer information can be disastrous for a company. When connecting to business-based networks, using a VPN can help ensure that sensitive data is hidden behind the dummy information provided by the VPN.

What Should You Look for When Searching for a VPN? 

It is critical to select a VPN that meets your requirements while also providing the best security and performance. When looking for a VPN, look for services that provide:

  • Speed: Sometimes, your ISP will limit your speed depending on your online activities. For example, if you are streaming a live event during peak internet hours, your connection may be slowed down. 
  • Security: VPNs protect data as users interact with apps and web properties over the internet, and they can keep certain resources hidden with the use of encryption.
  • Stability: VPNs can make your connection faster and more stable depending on the resources of your current internet service provider.
  • Streaming: With a streaming VPN, your virtual location is altered. For example, if you want to watch a show or movie that is only accessible on Netflix in Canada, you simply use the VPN to to connect to a Canadian server.
  • Optimized servers 256-bit encryption: This is the highest level of encryption available, and it will protect your personal information as well as your browsing activity.

Can VPNs be Hacked?

The short answer is that yes, VPNs can be hacked. 

Threat actors can use a brute-force attack to compromise user passwords, device certificates or pre-shared keys. In the event that someone brute forces a set of VPN login credentials, they might be able to connect to the network. However, that doesn’t mean the VPN has been hacked per se. The attacker can access the user’s VPN account, but they would be unable to decrypt traffic from other users, as they compromised the user login credentials, not the encryption. 

A more serious situation occurs if a threat actor compromised a pre-shared key, such as from a VPN config file. Depending on the VPN provider’s configuration and security controls, the attacker may be able to decrypt user traffic or launch a man-in-the-middle (MiTM) attack. In an MiTM attack, the threat actor essentially poses as the VPN provider, then secretly intercepts traffic between the VPN users and the sites they are accessing – allowing them to view or modify data in transit. 

Additionally, it’s important to note the innate limitations of using a VPN. A VPN only protects internet traffic between the client and the VPN provider and doesn’t offer any extra security beyond that. For example, if you access an insecure or malicious website, doing so through a VPN won’t protect you from being phished, downloading malware, etc.

Do I Need a VPN?

Even though VPNs are imperfect, using one is a good idea, especially when using public WiFi networks or working with sensitive data. VPNs encrypt your traffic and help safeguard your privacy against cybercriminals.

VPN Alternatives for Businesses

While VPNs are useful tools for consumers, they’re not always good options for businesses. They’re notoriously sluggish, difficult to use, and don’t scale well. Additionally, most of them don’t support modern zero-trust security controls, such as least-privilege access, role-based access control (RBAC) and multi-factor authentication (MFA). In particular, VPNs aren’t the best solution for cases where IT and DevOps teams need to remotely access IT infrastructure.

Keeper Connection Manager (KCM) is a remote-access gateway that provides DevOps and IT teams with simple and highly secure access to RDP, SSH, VNC, MySQL and Kubernetes endpoints through any web browser. KCM significantly enhances security by enabling organizations to adopt zero-trust remote access to IT infrastructure, with no need for client or agent software, and with features such as least-privilege access, RBAC and MFA. KCM also provides IT administrators with fine-grained controls so that they can provide individual users with just the level of access they need, whether that’s the entire system or just one machine. Access can be revoked at any time, and a robust audit trail identifies when and how the system was used.

Visit the KCM product page to watch a short overview video and find out how Keeper Connection Manager can provide your organization with modern, enterprise-wide visibility and coverage for privileged access management.

Manuela Escobar Velasquez

Manuela Escobar Velasquez works in digital marketing at Keeper Security and is a cybersecurity enthusiast. She spends her time researching and learning about the latest cybersecurity news to write informational blogs and social media posts. Manuela graduated from the University of Illinois Urbana-Champaign with a major in Communication.