Virtual Private Networks are popular with enterprises as a means of securing their sensitive data. Using a VPN allows users to securely access a private network and share data remotely through public networks using a process commonly referred to as “tunnelling”. A VPN tunnel performs an operation known as data encapsulation whereby a secure tunnel wraps two endpoints thus protecting the contents.
A team of researchers from Sapienza University, Rome and Queen Mary’s University, London recently published a report “A Glance through the VPN Looking Glass: IPv6 Leakage and DNS Hijacking in Commercial VPN Clients”. The report says that promises of privacy and security from the VPN vendors are not accurate , and that they found 14 of the top commercial VPN’s in the world leaked data exposing “significant amounts” of traffic to public detection.
These findings certainly call the security of VPN’s currently in use into question, but whilst vulnerabilities have been shown to exist the report concluded if configured correctly a good level of network encryption can be achieved using a VPN.
The Managing Editor of HelpNet Security Magazine, Zeljka Zorz believes that privacy conscious clients should be aware of the issues highlighted in the report and choose a combination of technologies that better suit their needs. This is good advice indeed…