A simple guide to VPNs for business
Online security and privacy are growing concerns for UK businesses. Every year, millions of pounds are lost to cybersecurity breaches as businesses struggle to implement even the most essential cybersecurity measures.
Among these, Virtual Private Networks (VPNs) stand out as a simple way to protect user privacy and prevent unauthorised access to sensitive networks. This article explains how your business can use VPNs to improve its privacy and security.
💡 Key Takeaways:
- Bypass censorship: Remote workers connected from countries like Cuba and Vietnam will need a VPN to bypass the country’s internet censorship and access the resources required to do a good job.
- Security: Accessing business resources and domains through a VPN prevents data thieves, snoopers and scammers from accessing sensitive data.
- VPN Services: Never sign up for freely available VPN services for your business. Either pay a subscription to a reputable VPN provider or host your server from your business headquarters.
What is a VPN?
A VPN (Virtual Private Network) is a service that creates a secure, encrypted connection between your device and the Internet. It masks your IP address and data traffic, providing privacy and anonymity. Another way to look at it is by breaking down each letter of the acronym VPN:
- Virtual because it’s not a physical connection.
- Private because it keeps your online activities encrypted.
- Network because it connects you to another network.
When you use a VPN to access your business’s databases, all your data is encrypted, making it unreadable to anyone who might intercept it. Regardless of its sensitivity, only your device of origin and your destination server (exit node) hold the “private keys” to decipher your data.
A VPN analogy
If the internet were a bustling city lined up with blocks and blocks of websites, apps, and platforms, using a VPN (Virtual Private Network) would be like roaming its busy streets using an invisibility cloak.
Anyone near you may be able to ‘perceive’ your presence but not know where you came from, who you are, or any data you carry, giving you the freedom to visit any services available in this online city without revealing any essential details.
Only the place where you put the invisibility cloak (i.e. your device) and the place where you take it off (i.e. the exit node) can see you and what you carry.
What happens when you connect to a VPN?
💡 Both static IPs and dynamic IP addresses can be masked using a VPN.
What are the main business cases for using a VPN?
Security and privacy are the main reasons any business would use a VPN. These can be broken down further into the following:
Business Cases | Description |
---|---|
Secure remote access | Enables employees to securely access the company network remotely, ensuring productivity from anywhere. |
Data encryption | Protects sensitive data during transmission over the internet, preventing unauthorised access. |
Bypass geo-restrictions | Allows access to region-specific content and services, facilitating global operations. |
Enhanced privacy | Masks IP addresses to protect against tracking, surveillance, and data collection by third parties. |
Cost savings | Reduces the need for dedicated leased line broadband connections and other expensive infrastructure by using the public internet securely. |
Secure communication | Ensures secure communication channels for internal and external exchanges, protecting business secrets. |
Compliance | Helps meet regulatory requirements for data security and privacy, avoiding potential fines and legal issues. |
Access control | Manages and restricts access to specific network resources, ensuring only authorised personnel can access sensitive information. |
Avoid Throttling | Provides an alternative for bypassing bandwidth throttling if your employees are using regular domestic broadband. |
Protection from cyber threats | Shields the network from attacks such as man-in-the-middle, hacking attempts, and other cyber threats. |
Here are a few notes expanding on some of these VPN business cases:
Phishing
Cybersecurity threats are becoming more intricate over time. For example, phishing emails rely on information about employees, and revealing their home IPs to an attacker makes them more vulnerable. VPNs mask your remote workers’ IP addresses, showing the company’s instead.
Access controls
Most companies have not yet rolled out Zero-Trust Network Access. Company-hosted VPNs will remain essential for cybersecurity if they rely on traditional, certificate-based access controls. This is because it is the easiest way to authenticate a remote device entering the network.
Compliance
Cybersecurity regulations require companies to have minimum security measures in place, including remote access through VPNs. Compliance with these becomes increasingly stringent in critical industries such as finance and healthcare.
Censorship
For companies with international exposure or a digital/nomadic workforce, VPNs provide a gateway to bypass potential censorship restrictions on resources that may be essential to your employees. Examples include countries like China, Iran, Russia, Myanmar, Vietnam, Cuba, and Thailand.
Public WiFi
Sometimes, public WiFi is the only connection available for remote work, but it presents a big cybersecurity risk. Not only can bogus WiFi be set up alongside public networks to steal data, but it is also impossible to verify who controls it. Forcing employees to connect to business networks through a VPN ensures that your sensitive business data won’t be leaked to any malicious actor. See our article on cyberattack survival for more details.
Bypassing throttling
Bandwidth throttling is common in the cheapest ADSL and FTTC domestic broadband deals. If your remote employees are working from home, they can bypass any throttling imposed on their connection by connecting to a VPN that mimics your business’s broadband connection.
Choosing a business VPN
When it comes to VPNs for commercial purposes, there are generally two possibilities:
Some small businesses unaware of cybersecurity essentials may be tempted to use a Free VPN service, but this is not recommended, as the service will almost certainly use your data and sell it to third parties.
Third-party VPNs
A third-party VPN service offers virtual private network services on demand. It allows employees to securely connect to the wider internet or a business’s private network by routing their traffic through the provider’s servers. The provider handles infrastructure, maintenance, and support, offering businesses an easy-to-use, scalable VPN.
This option is preferred in small to medium-sized businesses, start-ups, and businesses with limited IT resources. Third-party VPNs charge a service fee to manage your entire VPN setup without requiring technical expertise.
They offer scalability, regular updates, and professional support, which can be cost-effective for businesses that lack the resources to maintain their infrastructure or even have the necessary physical premises.
However, there are many providers to choose from. Ensure your choice offers robust encryption and, preferably, a kill switch to cut off your internet connection if the VPN connection drops, preventing your business data from being exposed.
Also, some VPN-as-a-service providers guarantee support for unlimited high-speed throughput, and this is recommended to avoid any throttling from their side.
Self-hosted or Private Cloud VPNs
A self-hosted business VPN is a virtual private network set up and managed by a company using its own servers and infrastructure. It provides secure remote access for employees to the organisation’s internal network and resources.
These are recommended for larger enterprises, businesses with strict security and compliance requirements, or those needing full control over their VPN infrastructure, including control of databases and security configurations.
The issue is that these setups require more IT resources and expertise to manage and maintain.
💡Small, tech-savvy businesses can save in the long term by hosting their own VPNs using Raspberry Pi’s and superfast broadband such as Full-fibre, Cable, 5G business broadband, with pay-as-you-go satellite broadband as backup for redundancy.
Why are VPNs becoming increasingly important?
Two global tendencies are growing the importance of VPNs: internet censorship and cybersecurity.
Being able to bypass any roadblocks is essential for uninterrupted remote work and access to information. VPNs are essential for this, allowing your business to access all the websites required without censorship.
On a parallel tangent, our personal and business data has become as valuable as currency, and unfortunately, cybercriminals are all too aware of this. Cybersecurity threats are escalating at an alarming rate, with data breaches, identity theft, and online fraud becoming more prevalent yet underreported.
In this regard, VPNs are like digital bodyguards, shielding us from many threats. By encrypting your data, VPNs protect your business’s information, online activities, and digital transactions, adding a crucial layer of security. No business should be going out into the digital world naked!
VPNs – FAQs
Our business broadband experts answer commonly asked questions on VPNs for UK businesses:
What VPNs do most companies use?
Most companies use Third-Party VPNs such as NordVPN, ExpressVPN, CyberGhost, and Private Internet Access (PIA) because of their reliability, security features, and ease of use. For larger enterprises, Cisco AnyConnect, Palo Alto GlobalProtect, and Fortinet are popular for self-hosting due to their advanced security features and integration with existing network infrastructure.
How much does a VPN cost for a business?
The actual costs will vary on the scale and bandwidth of the VPN service required, but as a general rule, you could consider the following:
- Third-Party VPNs: £5-£15 per user/month.
- Self-hosted: £500-£2,000 setup, £200-£1,000 annual maintenance.
Is OpenVPN good for businesses?
Yes, OpenVPN is good for businesses as it offers strong security and flexibility and is cost-effective. It’s also open-source, customisable, and widely supported. However, it can be complex to set up and manage without IT expertise.
Is it cheaper to run your own VPN?
This truly depends on the specific VPN needs of your business. However, as a general rule,
- Self-hosting your own VPN on your premises can be cheaper in the long term, especially for larger organisations.
- However, it involves higher initial setup costs and requires ongoing maintenance and IT expertise, which third-party VPNs do not.
Will using a VPN reduce my business broadband speed?
Yes, using a VPN can reduce your business broadband speed because of time loss during the encryption process and the additional distance data travels through the VPN server. The extent of the slowdown depends on the VPN provider, server location, and your broadband speed.
In the UK upgrading to a faster business broadband provider is easy. Upgrade today and finder cheaper business broadband deals.
What are some VPN fun facts?
- The first version of the modern VPN was known as swIPe (Software IP encryption protocol) and was created in 1993 in the US. Only a decade later, as broadband internet exploded, did the first VPNs become widespread, but their use remained constant for private companies.
- The use of VPNs has grown substantially over the years. Between 2016 and 2018, the number of VPN users worldwide increased by at least 4x, with the biggest driver being an increasing demand for geographically restricted content on video streaming services like Netflix or YouTube.