When it comes to online encryption solutions – specifically for protecting data in transit – SMBs are often forced to turn to consumer VPNs because enterprise solutions are expensive, complex and simply not built to protect them.
The catch, however, is that consumer VPNs also do not provide adequate protection for the SMBs. They don’t include any enterprise-level protection, are difficult to deploy and manage and – most importantly – only work when used by a motivated and educated workforce which will proactively install, configure and use them properly at work.
Online encryption is a must for any business, but deploying consumer VPNs creates a multiplicity of issues and challenges.
In this blog, we will explain the issues that exist in consumer VPNs and why they are problematic for MSPs.
For your client’s employees to access and use the VPN solution, individual accounts must be created, managed and authenticated for each employee. Once those accounts are created, your client’s employees must create a username and password. The problem, however, is that those employees will typically use weak usernames and passwords or passwords they use elsewhere, compromising security – all it takes is for one employee’s details to be intercepted and stolen for a hacker to easily access the business’ “secure” communications and actively siphon data without anyone knowing.
The net effect is you try to increase your client’s online security with a consumer VPN service, but you end up, unwittingly, bringing new risks into the business and give managers the false impression their business communications are secure – even if they’re not.
2. No visibility of usage
Another consumer-grade VPN issue is that they have no reporting or monitoring tools for you to determine whether or not someone is actually using the VPN. You are completely reliant on your client’s employees actually installing and configuring the VPN on their devices… and even after the solution is installed, are they using it?
With no centralised device management or dashboard to oversee implementation of the VPN solution across the enterprise, businesses could be exposing themselves to unknown risks and the possibility of cyber attack as employees access the business’ network using unsecured connections.
Also, from a return on investment perspective, having some form of reporting or monitoring would allow you to explain to your client the business benefits of having such a solution in place. However, with no way to collate such information, your client will never truly understand the benefits of having online encryption, due to the VPN issues inherent in consumer-grade solutions.
3. Employees need to be trained and motivated to use the VPN properly
Most of your client’s employees will see data security and encryption tools/solutions as a compliance headache; yet another dull and irrelevant business process. To get your client’s employees on board and using the VPN properly, they need to be trained, made aware of the consequences of failing to do so, and have a stake in managing security properly.
The reality is that many of your client’s employees will work remotely and use unsecured connections, such as those at a coffee shop, to access the business’ public network. In doing so, they allow anyone with a little technical know-how to access their device and “listen in” on communications between their device and the business’ public network. Information can be readily intercepted and siphoned and the employee will have no idea the network was ever breached.
Your client’s employees need to be trained regularly and be given a real stake in managing their own online security. Give them responsibility over ensuring they keep their devices protected and follow the right processes.
4. Scalability is an issue
As your client’s business grows and it hires more employees, those employees need to have their devices added to the VPN solution. Most consumer grade VPNs only support a certain number of devices and beyond that point, it either needs to be modified or supported with other solutions to deliver the functionalities required.
The result is that you spend a ludicrous amount of time combining different, disparate solutions to ensure all devices can securely connect to your client’s network – and even when it’s all set up and ready to go, the moment at which a new device needs to be added it turns into another administration headache!
Cyber threats are becoming more complex and sophisticated – and as such, businesses need software capable of intercepting and mitigating threats, as well as preventing them completely.
Deploying a consumer-grade VPN for your client – while admirable in the way of security good practice – will ultimately introduce security issues later down the line. These solutions are not designed for businesses or for scale and will typically not provide the features or functions your client needs to ensure robust security.
Privatise Online Encryption, on the other hand, is the only VPN solution built and designed specifically for SMBs. With Privatise Online Encryption, you can manage your client’s online privacy from a single point without having to ask employees to log in. The solution is always on, requires no configuration and comes with reporting and monitoring tools to help you understand how it’s being used by your client and their employees.
If you want to learn more about the importance of having such a solution – and the benefits it can provide your client, download our eBook by clicking the button below.
Privatise’s online encryption solution is the first internet privacy protection tool developed specifically to meet the practical needs of small and medium businesses.