What is a VPN, and why do businesses use them?

A virtual private network (VPN) is an Internet security service that creates an encrypted connection between user devices and one or more servers. VPNs can securely connect a user to a company's internal network or to the public Internet.

Businesses typically use a VPN to give remote employees access to internal applications and data, or to create a single shared network between multiple office locations. In both cases, the ultimate goal is to prevent web traffic — particularly traffic containing proprietary data — from being exposed on the open Internet.

Why are VPNs necessary to accomplish this? Take remote employees as an example. When employees work on-premises, they can connect their computer and mobile device directly to the business’s internal network. However, if an employee works remotely, their connection to that internal network must take place over the public Internet, potentially exposing their traffic to on-path attacks and other methods of snooping on sensitive data. Encrypting that traffic with a business VPN or another security service keeps it safer from prying eyes.

What are the different types of business VPNs?

There are two categories of business VPN: remote access VPNs and site-to-site VPNs.

Remote Access VPNs

A remote access VPN creates a connection between individual users and a remote network — typically the business’s internal network. Remote access VPNs use two key components:

  • Network Access Server (NAS): a dedicated server, or a software application on a shared server, which is connected to the business’s internal network
  • VPN client: software installed on a user’s computer or mobile device When the user wishes to access the business’s network, they activate their VPN client, which establishes an encrypted ‘tunnel’ to the NAS. This encrypted tunnel allows the user to access the internal network without their traffic being exposed — a significant security advantage for remote workers.

Site-to-site VPNs

Site-to-site VPNs create a single virtual network that is shared across multiple office locations, each of which can have multiple individual users. In this model, the VPN client is hosted on each office's local network, rather than on individual users’ devices. In this way, users in each office location are able to access the shared network without using a VPN client individually. But if they leave the office, they lose this access.

On a simple, everyday use of the Internet, a VPN gives you, among other things, the following advantages:

  • Secures your publicly visible connections through tunneling protocols
  • Secures your data while using public Wi-Fi spots where you are most susceptible to online attacks
  • Protects you from identity theft
  • Blocks incoming malicious traffic that could possibly reach and damage your devices
  • Secures your online shopping and banking transaction
  • Gives you remote access to websites and applications that may be unavailable due to the change of your location (e.g. while traveling)