A reliable VPN is one of the key components of a small business’ security perimeter. Gone are the days when small businesses could neglect cybersecurity, thinking cyber crooks go after the big fish only. Reality check says otherwise. More than 43% of cyber attacks target small businesses.
Large businesses launched full ahead into the Digital Transformation, Industry 4.0, Internet-of-Things and all that RFID-based gizmo. Small businesses are somewhat slower to transform due to the limited resources (in regards to anything from marketing to cybersecurity). However, forward-thinking entrepreneurs and a large population of agile and highly-flexible startups see the wisdom in taking cybersecurity and privacy seriously. And VPN is an integral part of your corporate security.
Phishing, identity theft, ransomware are just the tip of the iceberg. Sadly, some of the most frequent attacks on small businesses are not even targeted but opportunistic. Opportunistic cyber attacks exploit unwise user behavior, such as connecting to a public Wi-Fi in a hotel, park, Starbucks, or even while using Gogo Inflight Internet. This type of attack also leverages vulnerabilities in popular apps, games, and users’ overall latency to install OS updates and patches or enable basic privacy and security features available on their devices.
So, a small business needs to keep the company network, Internet connection, and digital assets secure when working on-premise, or enabling secure access for traveling or remote employees. And VPN is at the top of security tools list alongside end-to-end encryption, two-factor authentication, and a strong password. VPN is an affordable, robust and efficient solution for small business security needs.
It’s not a question of if a small business needs a VPN, but rather how to choose a good one.
So, how do you choose a good VPN?
Small businesses comprise a large stratum of entrepreneurs, from not so tech-savvy brick-and-mortar shops to digital start-ups whose staff is made of freelancers working from remote locations in other countries. They are flexible, mobile and almost always limited in resources when it comes to cybersecurity (unless they are in cybersecurity).
IT departments in small companies tend to be an orchestra of 1-2 men with too much work on their plates. The fleet of devices they need to administrate is a mixed bag of BYOD and corporate-owned ones. The level of security awareness among non-tech employees is insufficient to leave them to their own devices when it comes to data security.
Considering common challenges faced by small businesses, here is a brief roundup of the features you might need in a VPN service:
- easy to setup and manage with intuitive management software, a dedicated account manager or 24/7 chat support
- support the devices and OS versions in use at the company
- scalable to support your growth
- high level of security and privacy
- access to plenty of server locations
- excellent performance and speed (if you use video conferencing frequently)
Each VPN provider has great features and brings something unique to the table. While some offer custom plans so that you can scale your subscription as your needs change, others are ideal if you are a small party with telecommuters or remote freelancers onboard.
When choosing, you will certainly focus on what matters most to you – provider’s location and its privacy laws, speed, price or robust encryption. Luckily, most providers on the list offer a reasonable combination of these. If you are still on the fence about what features are paramount in your particular case, read my Guide to Internet Privacy. It will give you a better understanding of how VPNs protect your privacy and bypass location-based connection restrictions.
The bottom line is cybersecurity does not have to be a large-scale investment on your part. With due diligence, attention to detail, and expert advice from my modest persona, you can make the right choice.
1. Perimeter 81
Israel-based Perimeter 81 couples excellent speed, Zero Trust Security as a Service, and unlimited data, with 24/7 chat support and applications for almost every platform. In addition to dedicated gateways in 35 different locations, Perimeter 81 offers easy onboarding of new users, detailed logs for admin and user activity, and IKEv2 and OpenVPN tunneling protocols.
What’s more, small business owners can host their own secure VPN gateway with a static IP address on the Perimeter 81 cloud without the hassle of keeping it updated and managing it yourself.
Users can create multiple servers in the same location, or in various locations around the world, including various locations throughout the US, Toronto, Amsterdam, London, Frankfurt, Singapore, Bangalore, Paris, Sydney, and Tokyo.
Perimeter 81 also offers additional features like Automatic Wi-Fi security, a VPN Kill Switch, Two-Factor Authentication, and the ability to launch a speed test from within the settings. The VPN Kill Switch is particularly beneficial for online privacy, as it stops all Internet traffic if the Perimeter 81 application stops unexpectedly.
Unfortunately, Perimeter 81 records all admin actions such as member invitations, team members deletions, and changing team permissions. These are standard logs that are essential for most business VPN administrators.
Pricing ranges from $8 monthly per user for the annual plan to $10 monthly per user on a month-to-month basis. Dedicated gateways are an additional $40 per month. Enterprise pricing is also available, which comes with volume discounts, custom configuration, and 24/7 VIP support.
Perimeter 81 uses the OpenVPN encryption protocol with an AES-256 cipher and SHA256 hash authentication. The control channel consists of an AES-256 cipher with RSA-2048 TLS handshake encryption and SHA-256 authentication. For added security, it uses Perfect forward secrecy (PFS) enabled by DH-4096 Diffie-Hellman key exchange. PFS means the VPN automatically and frequently changes the keys it uses to encrypt and decrypt information so that if the latest key is compromised, it will only expose a small portion of the user's sensitive data.
- A global server network in 35 locations means you can connect virtually anywhere
- Several security options and configurations, including extras like a Kill Switch and Wi-Fi Protection
- Zero Trust Network as a Service offers higher security and more flexibility than traditional corporate VPNs
- The annual subscription of $8/month per team member is reasonably priced
- Speed should never be an issue
- Allows for two-factor authentication for increased security
- Integrates with identity providers such as Google Suite, Okta, OneLogin, and Microsoft Azure Active Directory for improved user authentication
- Unlike the Windows VPN client, the Mac client doesn’t support PPT or IKEv2 VPN protocols
- For regular small business users, support via chat is replied by email, which can take anywhere between an hour and 24 hours
- Servers are only available in few countries, which can be limiting if they aren’t located nearby
- Not well-suited for casual end users
Switzerland-based VyprVPN combines solid security, great speed, smooth performance and support for almost every platform there is. They deploy a unique Chameleon protocol to scramble metadata and prevent Deep Packet Inspection and offer OpenVPN, L2TP/IPSec, and PPTP protocols.
VyperVPN also offers a kit a caboodle of additional security features such as NAT Firewall, VPN blocking and throttling, and a 24/7 live chat support. Some business plans offer encryption for all employee connections including file transfers, email, and network resources. However, you will have to request a free trial and get in touch with customer support to discover the pricing of these plans, as the two currently listed do not offer many details on the features and perks. However, business customers have the ability to set up a private VPN server.
- Excellent performance
- Great speed
- Solid security
- Supports up to 30 devices
- User-friendly apps
- 3-day free trial
- Dedicated account manager
- Based on Switzerland
- Keeps some connection logs
Panama-based NordVPN has two business plans, with the one-year subscription at $4.5 per month per account. It offers a three-day free trial (no payment details required) and a 30-day money-back guarantee.
The feature set is quite impressive – double data encryption, automatic kill switch, Tor over VPN, double VPN, Smart DNS (geo-spoofing), P2P, Socks5 proxies, DNS leak protection, DNS servers and an ample choice of security protocols including IKEv2 and OpenVPN. The provider does not require company details when you purchase the plan.
Nord supports the major platforms, is polished and intuitive, so if you are more on the privacy-paranoid side, you might as well go for NordVPN.
- Impressive speed
- No logs
- Excellent feature set
- Strong encryption, no leaks
- Based in Panama
- Allows up to 6 devices per account
- Accepts Bitcoin
- Dedicated account manager
- Limited choice of plans
- No Linux support
CyberGhost is a Romania-based VPN provider offering affordable long-term Pro subscriptions with up to 5 devices per each, a generous 30-day money-back guarantee, and conveniently accepts Bitcoin. The service is user-friendly and intuitive; their support is fast, professional and helpful.
They have a slew of additional features such as a P2P, Kill Switch, DNS leak protection, Wi-Fi and App Protection, which allows you to specify which apps get to be VPN-protected, and setup a custom Connection Profile.
It uses HMAC MD5 for hash authentication, which is weak, but the provider is planning to upgrade to SHA-2. Of note is the fact that in 2016, an Android CyberGhost app was found installing a root certificate on client devices. The developer since then released a new version, which does not involve in such dubious activity.
On the bright side, Romania has a pro-privacy stance, is exempt from data retention laws enforced in other EU countries, or mass-surveillance of the Five Eyes. It uses AES-256 encryption and Perfect Forward Secrecy; offers automatic data compression and HTTPS redirect as optional features. The provider claims to keep zero usage logs.
- Does not log usage
- Impressive speed
- Supports many platforms
- Transparency report available
- 30-day money back guarantee
- Accepts Bitcoin
- Efficient live support available alongside ticket system
- Some connection logs
- Weak HMAC MD5 authentication
If affordability is your primary goal, you may want to check PureVPN since yearly plans start at just $5 per month. It’s a solid Hong Kong-based service offering a wide range of plans, including customized subscriptions. So you can get a good deal, a dedicated management portal, and an account manager.
PureVPN has many perks such as a stealth browsing mode, two-factor authentication, DDoS protection, online banking security, secure FTP access and more.
PureVPN offers multiple protocols including OpenVPN, L2TP/IPSec, SSTP, PPTP, and IKEv2. My gripe with them has always been the fact that they don’t use Perfect Forward Secrecy, even though AES-256 encryption, SHA-1 (HMAC) authentication, and RSA-256 handshake look solid.
Regarding session logs, PureVPN keeps session – not activity – logs, for troubleshooting purposes and to track user clicks on certain software buttons to track the popularity of features. If you are okay with that, a three-day free trial will help you get a better feel of the UI, speed, and performance, which were rather good in our tests. Also, PureVPN has a seven-day money-back guarantee. Give them a try using the link below!
- Highly affordable, especially in long-term plans
- Fast speeds
- Compatible with 50+ platforms
- Allows up to five simultaneous connections
- Global coverage
- Supports up to 75, has customizable plans for more devices
- Flexible payment options
- Only six countries covered in the standard plan
- Mediocre security
- DNS leaks; connection logs are kept
Israeli-based provider SaferVPN offers excellent customer service, intuitive and good-looking desktop client, mobile apps for iOS, Android, Windows Mobile OS and Blackberry.
The service maintains a no-logging policy, but it records ample session data. SaferVPN offers above-average speeds and supports OpenVPN, L2TP, IKEv2 and PPTP security protocols.
SaferVPN might be a great option if you are looking to provide your employees with a smooth experience when they are working across multiple devices (desktop and mobile). SaferVPN offers a one-day free trial, and then a 14-day money-back guarantee, so you have ample time to make an informed decision before committing to a long-term subscription.
- Accepts Bitcoin and Paypal
- Supports all major platforms
- Offers customizable plans
- Supports up to 20 devices, but can be more in custom plans
- Has extension for Chrome
- Excellent customer service, dedicated account manager
- Logs sessions in detail
- No management software