A virtual private network (VPN) gives any system a boost to its overall cybersecurity, especially when connected to a public network. A business VPN helps provide online privacy and security by encrypting your connection and hiding the IP address you're working from, creating a private link to the internet that's safe and anonymous. In today's environment of increased remote work and increased security demands, it is important to make sure your VPN is properly set up.
What to consider before setting up a VPN
While there are many VPN services available to the public, when it comes to enterprise-level security, a private business tends to take matters into its own hands, with a dedicated information technology (IT) team building a bespoke network to keep corporate strategies, plans, and even patents from getting into the hands of competitors or cybercriminals.
However, building your own VPN is no small feat, and requires multiple layers of security to ensure prying eyes away from business communications. This comes in particularly handy for traveling or remote employees, as a business VPN will give them access to the corporate intranet or private servers from anywhere in the world.
There aren’t too many downsides to a VPN, but the problems that exist are mostly caused by issues during the implementation and configuration stage. Snags like regular downtime, problems with scaling, and slow internet speeds could become struggles that you constantly face if you don’t know what you’re doing.
There are plenty of VPN services like NordVPN, ExpressVPN, or IPVanish on the market, but apps like these don't necessarily have the enterprise-grade software a business may be looking for. And if you know what considerations to prioritize when searching for or building a solution that’s right for you, you can integrate a powerful layer of security throughout your entire network.
How to set up a business VPN
Here are the seven key steps to setting up a VPN for your business.
1. Using the right VPN components
A VPN is built using three main components: A VPN client, a VPN server and a VPN router. A downloadable client is what the end users download to actually connect with or access a business network. Client software is usually available for PCs and mobile devices to make sure employees can securely connect, even when using a public Wi-Fi network.
The VPN router is one of the more critical components when building a VPN system, as this device is what performs the actual encryption of network traffic. Fortunately, several VPN routers like a Netgear Nighthawk X10, or ASUS RT-AC86U come bundled with clients, and with software tailored to the hardware, you can get an optimized VPN experience.
2. Preparing your machines
It’s always best to install software on a clean machine, so if you have VPN software already installed on your system, go ahead and safely remove it. A VPN app can potentially compete for bandwidth priority with other applications, so when you remove the old client, you remove the possibility of it interfering with your new and improved network.
When you're configuring your network, remember to disconnect any unnecessary or unused devices.
3. Installing the client
Whether you're using a service or building your own VPN solution, installing the VPN client itself should be a fairly easy and straightforward process. Most modem manufacturers and VPN services have a client ready for you to download and install for most major devices and operating systems.
Once installed and initiated, a VPN client should be able to automatically find and connect with the correct hardware in just a few clicks. More often than not, your client will install flawlessly, but if it doesn’t install, or you can't connect to your VPN router, most providers have tech support teams on call 24/7, volumes of setup tutorials and countless FAQs to help guide you through virtually any problem.
4. Logging in to your VPN software
Now that you've got your VPN client installed and you're connected to your router, you'll be able to set up a username and password. Once that's done, you're ready to log in. A VPN typically has multiple servers and automatically connects to the server you're geographically closest to. While you can always log into a server from a different region, keep in mind that could create latency issues.
5. Choosing the right protocol
A VPN protocol is how a network packages, encrypts and compresses data to securely transmit it to another server. Multiple VPN protocols are built for different purposes, like accelerated speed or enhanced security, all while providing a basic level of security and keeping your data away from prying eyes. Some of the most prominent protocols used in VPNs today are:
A point-to-point tunneling protocol (PPTP) was introduced in 1996 by Microsoft, and it's still one of the more popular protocols used today. By creating a direct connection over a transmission control protocol (TCP), a PPTP ensures traffic gets to its destination unscathed, and it is compatible with most operating systems. However, because of its age, hackers have had plenty of time to figure out system exploits, making a PPTP one of the more vulnerable protocols available.
L2TP / IPSec
While a layer to tunneling protocol (L2TP) offers some of the utilities found in a PPTP, it sends data packets to a user datagram protocol (UDP) for a vastly superior and secure connection. An L2TP usually comes equipped with military-grade 256-bit security encryption that's incorporated with internet protocol security (IPSec) to make it substantially more difficult for any hackers to break through. Although an L2TP offers a lot of security advantages, it’s highly complex and is one of the most difficult VPN protocols to correctly configure.
Developed by Microsoft, the secure socket tunneling protocol (SSTP) is one of the safest VPN protocols available, featuring secure sockets layer (SSL) transmissions to support your corporate road warriors who need anytime/anywhere access to the network. SSTP is highly supported by Microsoft, so it’s a solid option that gets regular updates to make sure you consistently get access to the latest tech. But keep in mind that SSTP isn’t compatible with non-Windows platforms like Linux or macOS.
Made by developers for developers, OpenVPN TCP is an open-source option that’s free to everyone. OpenVPN is highly supported by a thriving community, with regular updates and fixes that make it a robust option to keep consistent, secure connections. However, because it’s mostly used by engineers, it’s a highly complex protocol that’s probably the least user-friendly of the bunch, requiring a separate software client to run on any given system.
With OpenVPN UDP, you get a protocol that prioritizes high speed/low latency data transfers and removes the redundancies that could slow down transfer speeds. UDP can be easily customized to any system while preventing burdens to your connection. On one hand, this is great because UDP facilitates great experiences when streaming video or teleconferencing, but because of its focus on speed, it can overlook guaranteed data deliveries, resulting in dropped connections and failed downloads.
6. What to do if the VPN doesn't connect
If your VPN client doesn’t connect immediately after it's installed and configured, here's some sage advice from your friendly neighborhood IT department: Try turning it off and on again. When installing a VPN client, you may need to reboot the software as various drivers are updated.
Using the wrong login info is another common occurrence, and if using the correct credentials doesn't get you connected, you can always try switching to a different server or protocol to see if there's something wrong with your general configurations.
7. Customizing your connection
Now that you've got a consistent connection to your VPN, you can start fine-tuning the various settings based on your specific business needs. A good starting point is making sure your VPN client launches and creates a secure connection as soon as an employee logs in to their machine, giving them constant encryption whenever they're using a company computer.
Another way to standardize your settings on every system is by designating a default VPN server to log into, removing any guesswork for your employees. You could also install a "kill switch" with your VPN, which offers a great way to immediately disconnect a device from the internet whenever a VPN is interrupted, protecting your network from potential cyberattacks.