For the best web experience, please use IE11+, Chrome, Firefox, or Safari
OneLogin + One Identity delivering IAM together. Learn more

What is a VPN?


VPN stands for Virtual Private Network. As the name indicates, it creates a virtualized private network over the public internet. It hides your actual IP address, encrypts all your connections with the outside world, and gives you anonymity.

All You Need to Know About VPNs

Think of the internet as a public highway, which all the computers in the world use to send and receive information. The information can be encrypted and, hence, indecipherable for everyone but the receiver, but it can still be intercepted.

Now think of a VPN as a secure, private tunnel that runs underneath the highway. Instead of sending information on the public highway, you use the private tunnel, known only to you and the intended receiver.

To take privacy and security up another notch, a VPN hides the identity of the actual sender. Anything you send using a VPN first gets received by a VPN client. Think of it as a post office on the tunnel, which will take your letters, put its own address on them, and then ship them wherever you want. As far as the receiver knows, the letter came from the post office, not you.

And, of course, the letter is translated into a language understandable only by the receiver. If and when the receiver responds to the letter, it’s received by the post office, translated back into plain language, and sent to you.

How Does a VPN work? The Technical Nitty-Gritty

When you access a website on the internet without a VPN, a request gets sent to your Internet Service Provider (ISP), which connects you to the requested website. All your personal information (IP address, location etc.) is unencrypted and accessible to the ISP and any other intermediaries.
Instead, if you use a VPN, the VPN client establishes a secure, encrypted tunnel from your device to the VPN server. The VPN client hides your IP, location, and other information from the ISP, and any other intermediaries.

When the information reaches the VPN server, it is decrypted and passed on to the intended receiver. This way, you get to access your favorite websites with complete anonymity and security.

How does a VPN work

Are There Downsides to Using a VPN?

  • Even though the best VPN software is usually fine-tuned for maximum performance, some VPN clients may slow down your connection speeds. This is partly because of the added encryption overhead, and partly because data has to travel a bit more (to and from the VPN server). More and more websites have configured VPN blockers to fight against VPN connections. These blockers use intelligent algorithms to detect and drop VPN traffic.
  • Bandwidth-intensive activities like gaming and video conferencing, etc. may not work the best with VPNs.
  • It’s alleged that many free VPN providers log your data and sell it to other companies.
  • Some countries, including China, Russia, North Korea, and Uganda have banned VPNs.

MFA for VPNs

VPNs are widely used to form secure, remote connections to an organization’s private networks. Employees working remotely can log in to establish VPN tunnels that allow them to access internal resources.

Since a VPN login can grant remote access to a company’s private infrastructure, it should require more than just a username-password combo. It’s recommended that you enable multi-factor authentication (MFA) and configure at least one additional authentication factor, e.g., a one-time passcode (OTP).

What is a VPN Kill Switch?

Your VPN client hides your real IP address and gives your device a new IP address. This IP address and corresponding location is used when you access the internet. But what happens if your connection with the VPN server suddenly drops?

This can happen if the VPN service stops or malfunctions for some reason. Usually this results in your computer falling back to the original IP address, which can cause your location, online activity, and other information to be suddenly visible to others.

To prevent this from happening, some VPN products provide a feature known as a VPN kill switch. The kill switch disconnects you from the internet if and when your VPN connectivity drops. There are two types of kill switches: application-level and system-level.

An application-level kill switch gives you the ability to select the applications you want to disconnect from the internet. Conversely, a system-level kill switch enforces a full-fledged shutdown of all online activities.

Can I Use a VPN on a Mobile Phone?

Yes, you can set up a VPN on your mobile phone. There are many free and premium VPN providers that offer smartphone solutions as well. However, take extra care while choosing a VPN application for your phone.

This is because a lot of our time on the internet is spent on smartphones. If you end up choosing the wrong VPN provider, a lot of your personal data can end up in the wrong hands. Moreover, your browsing may significantly slow down and your entire experience may get ruined because of annoying ads.

What Does VPN-Less Access Mean?

VPN-less access is the modern way to access remote privileged systems securely and without VPN. These solutions typically use adaptive authentication to determine the number of authentication factors a user must provide before being granted access to internal resources. They allow organizations to build true zero-trust architectures.

VPN-less solutions are gaining traction because they are more user-friendly and allow administrators to apply the principle of least privilege, i.e. a logged-in user should only be granted access to the resources they are required to use.

This is in stark contrast to VPN-based access, in which once a user logs in to the VPN network, they are intrinsically trusted to have access to all resources.

A VPN can go a long way in ensuring anonymity and privacy of a user, both at the personal and organizational levels. There may be some downsides, but the pros far outweigh the cons, especially in today’s world, where cyberattacks are at an all-time high.

Try OneLogin for Free

Experience OneLogin’s Access Management capabilities first-hand for 30 days