The secrets of VPNs for business

Secure access to your network isn’t something to be taken lightly

Cloud VPN providers

As mentioned, there's no technical need to invest in a full physical VPN hardware solution. Cloud VPN services let all your clients connect (via the provider's endpoint software) through a hosted server, which then connects to your central resources.

One big advantage of these services is that they're normally timely with fault rectification, since they do nothing else all day. They can also be much simpler to manage for an uncomplicated business setup but you may hit conflicts if you're signed up with a big cloud provider that requires you to use its VPN to access your hosted resources.

Another disadvantage is that several of them only do IPsec and not SSL, so you can't rely on being able to connect from any old hotel lobby or caf. This can cramp a mobile workforce's style.

Nearly VPNs

Depending on your needs, a classical VPN might not be the only, or best, solution. One alternative is remote desktop access, via services such as LogMeIn, TeamViewer and GoToMyPC. These products appeal to managers who fear the complexity and costs of a full VPN, and they tick the key boxes: you can normally connect from anywhere, and the traffic between the controller and the controlled PC is encrypted.

Advertisement
Advertisement - Article continues below

But if you want to take this route, there are some significant issues to consider. Offering a convenient gateway for users to connect to a machine inside your company's firewall means opening up the same opportunity to unscrupulous hackers. Some businesses address this by sending their remote-control traffic over their VPN, just to make you think about that combination. What's more, while the costs may seem low at first, the licensing structure can quickly become expensive and restrictive. Some of the product-support remote-control apps come in at 1,500 per year per starting licence, which may quickly turn you back onto more traditional VPN solutions.

Another idea that could, in theory, replace a conventional VPN service is taking advantage of IPv6 to open a secure connection directly to any internet-accessible device. I've seen Microsoft staff do this in meetings: if they've left a relevant file on their desktop PC back in Redmond, they simply pop open an IPv6 Teredo tunnel, from wherever in the world they happen to be at the time, and grab it.

This shouldn't be taken as a recommendation, however, not least because I honestly have no idea what sort of defences Microsoft has at the edges of its IPv6 network. I suspect that its security resources are formidable indeed, and the number of companies who can match them is evidently small, because I seldom see anyone else even trying to dip a toe in the water.

Indeed, although IPv6 was originally envisaged as a general-purpose transport for connecting any two devices in the universe, there's a whole range of alternatives out there, including completely private protocols, such as those underpinning Amazon's services. Rather than becoming the universal transport, IPv6 may end up being an ancestor of the eventual winner which isn't at all clear right now, and may not even exist yet.

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now
Advertisement

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354232/raspberry-pi-4-owners-complain-of-broken-wi-fi-when-using-hdmi
Hardware

Raspberry Pi 4 owners complain of broken Wi-Fi when using HDMI

29 Nov 2019
Visit/cloud/amazon-web-services-aws/354223/what-to-expect-from-aws-reinvent-2019
Amazon Web Services (AWS)

What to expect from AWS Re:Invent 2019

29 Nov 2019
Visit/mobile/google-android/354189/samsung-galaxy-a90-5g-review-simply-the-best-value-5g-phone
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019