Virtual private networks (VPNs) have long been a trusted tool in securing network communication transmitted across the dark void that is the public internet. Whether this network communication is point-to-point, establishing a secured connection between two corporate offices, or simply client computers remotely connecting to the corporate network, VPNs can help secure this communication through both strong authentication and encryption.
Who needs an enterprise mobile VPN?
While VPNs have been around for decades, the world of infosec has evolved over that time, bringing about a world of mobile devices, public wi-fi, and a host of new attack vectors for malicious users. VPNs continue to have a place in infosec, but the waters have muddied somewhat over the years.
At their most basic, VPNs provide the ability for computing devices not physically connected to the corporate network to securely gain access to network resources as if they were physically located at a corporate location. This secure connection involves authentication, where the end user or device confirms with the VPN server that they are who they claim to be.
This authentication process could be as simple as a username and password, or there could be more advanced authentication requirements including multi-factor authentication (MFA), use of a managed device, or even system health (update status, antimalware protection, etc.). The second aspect of a VPN is an encrypted connection, which prevents a malicious user from intercepting network traffic and being able to view or even play back the connection to compromise the network.