Are VPNs 100% Secure for Small to Medium-Sized Businesses?

Are VPNs 100% Secure for Small Businesses?

Just like any layer of protection, virtual private networks (VPNs) are not impenetrable. But that doesn’t mean they aren’t essential. A bicycle helmet will crack under enough pressure, but that’s not a good reason to ride around without one or to buy the cheapest one available. 

Secure VPNs are as essential to remote employees as quality helmets are to bike messengers. They provide protection where it’s needed most.

What Protection Does a VPN Offer?

A virtual private network is a tool for hiding your internet activity. It creates a secure and encrypted connection between your computer and a trusted server. Without a VPN, anything you do online is tracked and logged by your internet service provider (ISP)

These logs include a timestamped record of every page you visit and every search that you make. Here’s an example:

If a website doesn’t encrypt its login forms, your ISP would even log a password you submit to a form! ISPs do their best with regard to cybersecurity, but it’s not uncommon for your online actions to be visible to the wrong people.

With a VPN, your computer connects to a trusted server and encrypts all the information you send it. Your ISP sees that there is a connection and data is being exchanged, but nothing else:

  • 2:33 PM Ryan sends [a bunch of garbled data] to [a random IP address]
  • 2:34 PM Ryan sends [a bunch of garbled data] to [a random IP address]
  • 2:35 PM Ryan sends [a bunch of garbled data] to [a random IP address]

This adds an important layer of security when your employees are working remotely. Just imagine that someone from your finance team needs to access files stored on an office server or in the cloud. Would you rather those actions were logged and timestamped? Obviously not.

But like we said, it isn’t a 100% perfect solution.

How Can VPN Security be Compromised?

We talk about threats to VPN security as the three Ps: people, passwords, and protocols. Each one represents a relatively simple risk to security that only becomes a larger problem if it’s not handled by experts.

The first P is people. Your VPN won’t provide an ounce of data security if your remote employees click on links from unverified sources or let their children surf the web on the company laptop. If one of those mistakes leads to a malware infection, hackers can snoop on what you’re doing before the VPN has a chance to encrypt it. Cybersecurity awareness training is vital if you want to prevent hackers from exploiting human fallibility to circumvent your VPN.

Next up is passwords, which everyone knows are important but somehow still neglects. Your people will need to log in to use the VPN and if the password required to do so isn’t unique and complex, it’s just a matter of guesses before that secure connection is jeopardized. Here are nine rules for strong passwords

The last and most difficult element of VPN security is protocols. Not all VPNs are created equal and free options like Hola! actually leave you worse off than using no protection at all. This is where expert IT security services really pay for themselves. You won’t need to decide between IKEv2 or SSTP protocols or even understand what these acronyms mean — a provider like Iconic IT will do it for you.

As long as your people have been trained on cybersecurity basics, they use complex and unique passwords, and an experienced technician is giving your VPN protocols regular checkups, employees working remotely can safely connect to company data.

The 100% Secure Solution for SMBs

Iconic IT provides managed IT services that take the guesswork out of technology planning, implementation, and support. Because you shouldn’t have to learn about topics like VPN security, you should have someone at your disposal to get it done!

If you’re a business owner in Wichita, Denver, Dallas, Bonita Springs, Rochester or Buffalo, we’d love to be that resource for you. Learn more about our services and pricing or email us at for more information.


Ransomware Attack Cybersecurity Tips

Healthcare Ransomware: Protecting Your Patients and Your Network

Healthcare ransomware is not a new threat; healthcare industry organizations have been ransomware targets for decades. Did you know that the very first ransomware attack targeted the healthcare industry in 1989? Joseph Popp, a PHD, sent a very specific ransomware to AIDS researchers, distributing 20000 infected floppy discs (remember them?) across the globe.

Times have changed, though, and while leg warmers and cabbage patch dolls are no longer in fashion, ransomware certainly is.

Read Post
Come in, we're open Cybersecurity Tips

Reopening Your Business in East Texas? Here’s A List of Cybersecurity Safety Tips

Criminals are capable of hacking into your network with a wide variety of tools. There are sites on the dark web that sell ransomware; the bad actors simply buy it, install it, and launch it on the organization of their choice. Reopening your business in East Texas? Check out these cybersecurity safety tips to help you level the playing field.

Read Post
Cybersecurity Cybersecurity Tips

Protect Your Business from These 4 Mobile Security Threats

A Check Point Research report found that the number of cyberattacks targeting mobile devices in the first half of 2019 rose by 50% compared to the same period in 2018. To protect your company from such attacks, you need to know about these four mobile security threats

Read Post