Joining us today on Startup Opinions is Per-Erik Eriksson, the founder, editor-in-chief, and main author of Vpnetic. Vpnetic is a website dedicated to cybersecurity and reviewing VPNs. The site spends hundreds of hours trying out and testing various VPN services. The team is committed to delivering legitimate cybersecurity software with maximum usability. You’ll also find excellent tips and crucial information on staying ahead of the game in matters of cybersecurity.
Today, he’ll be talking about cybersecurity and VPNs.
Interviewer: Welcome to the session, Eriksson. Perhaps you could start by introducing yourself.
Eriksson: Thanks, Joe. I don’t know if there is anything much to say about myself. I’m just an average family guy who’s cheezy with technology and computers. I attained my degree in computer science from Lunds University back in 2004. I managed to design a dummy software that allows seamless communication in a company. That caught the attention of Microsoft, which secured me a job contract there for two years. That was just the beginning of what we are today as Vpnetic.
Interviewer: Awesome. Did you always have a liking to computers as a young boy?
Eriksson: Well, my dad gave up his job at NASA to take up a consultancy job with Apple. I can say I’m just a chip off the old block.
Interviewer: You must love your dad then. So what’s the story behind Vpnetic?
Eriksson: Before starting the company, we realized that companies lose millions from security breaches. This would only increase with time as more firms made the digital leap. But small businesses that lacked the infrastructure would face the most significant threat. I had already seen it happen to a close friend who lost his company following a security breach. Vpnetic emerged as a solution provider. We save our clients hours and dollars by trying out every possible virtual network and recommending the best. We target to stay ahead of the game in cybersecurity matters and make sure our clients also maximize.
Interviewer: What are some common myths and misperceptions about using VPNs?
Eriksson: Before answering that question, it’s imperative to understand what a VPN is. A virtual private network is like a hidden tunnel you use to reach your offices when you don’t want to be seen. At least that’s how it began before the general public started using it. It encrypts your browsing so that you can surf the internet with some level of privacy. However, people make a big mistake when using VPNs. They assume that they are fully protected as long as they have a VPN. But that’s a mistake. VPNs are not firewalls.
Interviewer: Mind expounding on that?
Eriksson: VPNs protect communication, but that’s just about it. Users need to understand that there are more internet security problems when talking about cybersecurity. VPNs won’t detect any misuse or mistakes or even enforce any security policies. Moreover, if you are a company, VPNs cannot regulate access to your servers, and hackers may still get entry. All you can expect from a decent VPN is communication privacy through end-to-end encryption. Way to go to keep yourself from the sniffers.
Interviewer: That’s something most people don’t understand. Does your company take time to educate users on the same?
Eriksson: Yes. We ensure that we exhaustively cover every detail about individual providers with every VPN review. The good thing is that some firewall providers also make provisions for VPNs as an inclusive package.
Interviewer: Good job you are doing there. So for users who are particularly keen on cybersecurity, what would an ideal VPN checklist look like for them?
Eriksson: That’s a lovely question. A regular user surfing the internet can do with a standard VPN, which will work for them. Nonetheless, users with deeper concerns, such as firms, should have a VPN checklist before settling on one. It should allow for optimum use, deployment, and maintenance. The basis for a good VPN include:
- Compliance with IPSEC (including ISAKMP/Oakley)
- The VPN should operate smoothly across other vendors compliant with IPSEC.
- Should be ISCA certified (or certified by a recognized organization.)
- Should allow for automatic creation of user-level VPN accounts for large organizations.
- Should work alongside a firewall or at least circumvent most firewalls.
- Strong encryption.
- It should work seamlessly with or without trust.
Interviewer: Are there any security threats or performance issues raised when using a VPN?
Eriksson: For starters, VPNs use more horsepower. Mobile users may experience lags from time to time, or the VPN’s firewalls may prevent any other networks from passing through. That can be sorted through deactivating and reactivating the VPN, but that will not solve the low network speed issue. Firms should invest in hardware crypto engines to avoid this CPU overload for organizations, which is another subject by itself. That said, doing so will get rid of any performance issues. VPNs will have security threats when used without a firewall. Even when used with one, there is a danger that the VPN could be improperly deployed. The VPN could limit the firewall’s ability to audit helpful information or make critical decisions if this happens. Nevertheless, adding the firewall as a trusted member of the conversation makes it easier to read the information in each IP packet. Hackers can also gain access to your systems through malware-infected and unpatched devices by mimicking the user’s credentials once the VPN is on.
Interviewer: Who are the major VPN players today?
Eriksson: VPNs have free and premium options depending on your needs and concerns. Some of the best providers we’ve worked with include Aventail SSL VPN, OVPN, ExpressVPN, NordVPN, CyberGhost, Surfshark, and iTop VPN, which comes with an excellent adblocker. ProtonVPN, Hola VPN, Windscribe, AtlasVPN, and Hotspot Shield free options.
Interviewer: That’s quite a list. And aside from using VPNs, are there any other alternatives?
Eriksson: As we’ve seen, a VPN isn’t a standard one-shoe-fits-all solution for securing your connections. However, other emerging solutions could prove more efficient overusing VPNs. They include:
- SD-WAN (Software-defined WAN) for optimal routing of encrypted traffics.
- Zero Trust Networks Access where no one is trusted or given access unless they pass authentication.
- The Secure Access Service Edge (SASE) brings together an organization’s security and network elements.
- Alternatively, users can rely on virtual desktops infrastructure for optimum protection.
Interviewer: Thanks for all that, Eriksson. Maybe you could tell us the future of VPNs as we conclude.
Eriksson: We are now looking to upgrade VPNs to achieve more secure endpoints. An excellent way to accomplish this will be to build software-based VPN tech into endpoints by increasing the system’s processing power. However, this may not offer a comprehensive solution, and there will be a digression to zero-trust network access systems, which assume the endpoints are already compromised. However, before that digital shift takes place, VPNs will still be in the picture for some time.
Interviewer: Thanks for your time Eriksson and your insights and input. It was great having you.
Eriksson: Sure thing, Joe. Thanks for having me.