What is a VPN, and How Does it Work?
The digital transformation era presented a stark reminder that data is trackable and exploitable, especially when traversing a public network. While organizations and individuals stay abreast of the evolving cyber threat landscape, the privacy and security of data in motion, data in use, and data at rest are more critical than ever. As someone who enjoys secure and anonymous internet activities, leveraging virtual private networks (VPNs) for personal and business use has been a game changer in how sensitive data and personally identifiable information (a user’s device and location identifiers) traverses the internet.
A VPN presents many benefits for anyone seeking a safer and more secure way to use internet services. This blog will break down and simplify the intricacies of a VPN, including how it works, use cases, challenges, and opportunities for improvements.
What is a VPN?
VPN is an abbreviation for ‘Virtual Private Network,’ which establishes a wireless connection between a device and a virtual server. The connection invariably creates a point-to-point tunnel that encrypts data and masks IP addresses for anonymous internet browsing. Users enjoy privacy by browsing the internet with a tunneled connection and a masked IP address and can access restricted, region-exclusive content.
How Does a VPN Work?
A VPN connection is initiated by sending a connection request to a remote VPN server. The server authenticates the user’s device and accepts the connection request. Then, the server creates an encrypted tunnel that acts as a highway for the data to flow through securely.
Before proceeding, let me explain that while the data flows through the secure tunnel, it is encrypted (or scrambled) so that it appears illegible to unauthorized parties. Once the encrypted data arrives at the VPN server, it is securely decrypted with a private key, rendering it legible.
In the final step, the VPN server forwards the decrypted data, alongside a new IP address, to the website the user is attempting to connect to.
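To make the three steps above concrete, here is an added example (not code from the original post) that simulates the tunnel in miniature: the client encrypts the inner packet under an AES-256-GCM session key and wraps it in an outer envelope addressed to the VPN server, and the server authenticates, decrypts, and forwards it with its own egress address as the new source. The session key, the addresses and the packet contents are all constructed for illustration; the `|` separator and the `Packet`/`Envelope` types are simplifications, not a real tunnel format.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"strings"
)

type Packet struct{ Src, Dst, Payload string } // inner packet: sender, destination, payload
// Envelope crosses the public network; only its outer (client <-> VPN server) addresses are visible en route.
type Envelope struct {
	OuterSrc, OuterDst string
	Nonce, Ciphertext  []byte
}
// newAEAD builds AES-256-GCM from the session key agreed at connection setup (constructed here).
func newAEAD(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key) // key must be 16, 24 or 32 bytes
	if err != nil {
		panic(err)
	}
	aead, _ := cipher.NewGCM(block) // cannot fail for an AES block cipher
	return aead
}
// Encapsulate runs on the client: it encrypts the inner packet and binds the
// outer addresses into the auth tag, so a captured envelope cannot be redirected.
func Encapsulate(key []byte, inner Packet, outerSrc, outerDst string) (Envelope, error) {
	aead := newAEAD(key)
	nonce := make([]byte, aead.NonceSize()) // fresh random nonce for every packet
	if _, err := rand.Read(nonce); err != nil {
		return Envelope{}, err
	}
	plain := []byte(inner.Src + "|" + inner.Dst + "|" + inner.Payload)
	ct := aead.Seal(nil, nonce, plain, []byte(outerSrc+">"+outerDst))
	return Envelope{outerSrc, outerDst, nonce, ct}, nil
}
// ServerForward runs on the VPN server: it authenticates and decrypts the envelope,
// then rewrites the source to the server's egress IP before sending it on to the site.
func ServerForward(key []byte, env Envelope, egressIP string) (Packet, error) {
	plain, err := newAEAD(key).Open(nil, env.Nonce, env.Ciphertext, []byte(env.OuterSrc+">"+env.OuterDst))
	if err != nil {
		return Packet{}, errors.New("tunnel packet rejected: wrong key or tampered data")
	}
	parts := strings.SplitN(string(plain), "|", 3)
	if len(parts) != 3 {
		return Packet{}, errors.New("malformed inner packet")
	}
	return Packet{Src: egressIP, Dst: parts[1], Payload: parts[2]}, nil
}
```

Anyone observing the path between client and server sees only the outer addresses and ciphertext; the destination website sees the server's egress IP, never the client's. A flipped ciphertext byte, a changed outer address, or a wrong key all cause the server to reject the envelope rather than forward it.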
In layperson’s terms, per its definition, a VPN connection encompasses the following logic:
- Virtuality: no physical wires are required to facilitate the connection processes.
- Privacy: During the connection, your data and browsing history are hidden from prying eyes, such as those of government entities and hackers. This ensures that your internet usage is more protected and secure.
- Networking: multiple devices are deployed to establish a connection. Typically, these devices include a personal computer and a VPN server, working in tandem to establish a link.
VPN Encryption Protocols
During the data encryption process, VPN providers are known to use a wide array of protocols, with different routing methodologies and use cases, to determine the strength of the VPN connection. Some of the encryption protocols used during the VPN connection process include:
- OpenVPN is a standardized, open-source protocol that supports 256-bit encryption and uses SSL/TLS for tunneling operations.
- Secure Socket Tunneling Protocol (SSTP) is often a built-in feature in Windows OS, making it an industry standard. SSTP also has 256-bit encryption capabilities and uses SSL/TLS certificates for authentication.
- Internet Key Exchange version 2 (IKEv2) / Internet Protocol Security (IPSec) is best used with a mobile VPN because it suits unstable internet connections. Paired with IPSec for security and speed, IKEv2 can also be used when toggling between WiFi and ISP cellular data.
- WireGuard is a newer VPN encryption protocol that features emerging encryption technology. This technology allows the process to run on a lighter code base, making it more compatible with mobile devices. WireGuard is compatible with IPv6 inside and outside of the VPN tunnel.
Types of VPNs
- Remote access VPN: this is perfect for users seeking access to a secured, private network from an off-site location (typically a public area network).
- Mobile VPN: this is often discussed interchangeably with remote access VPNs. However, the difference is that specialized protocols (IKEv2/IPSec) are employed to maintain a mobile VPN connection. With a mobile VPN connection, users can move between networks, i.e., switching from WiFi to cellular data.
- Site-to-site VPN: This is a VPN connection established between two or more separate networks, allowing for the secure transfer of sensitive data. Companies with multiple sites across geolocations often use site-to-site VPNs to connect their networks and securely share sensitive data.
- Cloud VPN (aka VPNaaS): This type of VPN, also known as VPN-as-a-Service, allows users to access their data and applications in the cloud. Its benefits include efficiency and cost-effectiveness. Cloud VPNs offer a dynamic adjustment to bandwidth allotments because they seamlessly integrate into a functional cloud distribution framework.
Why Use a VPN?
The case for a VPN can be made on the grounds of privacy, security, and plain ol’ convenience. Whatever your reason, it’s clear that VPNs allow users to browse the internet anonymously. Don’t just take my word for it yet: below are some of the crucial reasons why a person or company may want to use a VPN:
- To reinforce data privacy and security policies, standards, and regulations.
- To access or stream regionally-restricted content from any location.
- To sidestep censorship and cyber-tracking by third-party entities, such as governments, hackers, or internet service providers (ISPs).
Challenges and Limitations
I’ve highlighted the benefits of a VPN and its positive impacts, including boosting users’ security and privacy. Despite the advantages mentioned above, there are some challenges and limitations that often impact the user experience and functionality of a VPN:
- Slower connection speeds: the processes associated with encryption and the rerouting of data traffic contribute to increased latency and slow connection speeds when using VPNs.
- Legal and regulatory concerns: VPNs inherently make it challenging for providers to comply with strict data jurisdictional laws that require companies to store data within a specific country or jurisdiction. Under immense government pressure, some VPN providers cave in and share browsing details with the authorities.
- Data security limitations: VPNs aren’t inherently equipped with anti-malware or anti-phishing capabilities. Therefore, hackers could leverage malware to disrupt your VPN connection.
- Data privacy limitations: The implementation of privacy controls depends on the VPN provider’s infrastructure and the encryption protocols it chooses to deploy. Unfortunately, I’ve noticed that certain free VPN services tend to have weaker privacy controls, including the logging and storing of user data, which invariably compromises users’ identities and browsing experiences.