Since long before most office workers began full-timing it from home, VPNs have been the tool of choice for remote workers who need to access corporate networks. While the average security-conscious person might use a personal VPN to access region-locked streaming video or just to protect their privacy, VPNs have a much longer history in the workplace. VPNs let employers offer protection to their workforce, and in some cases, let remote employees access corporate resources as if they were sitting in their offices.
PCMag has done extensive testing of personal VPN services for years. That being the case, we decided that our first foray into the space of business-class VPNs would be to examine the business and team offerings of some of our favorite personal VPNs. Note that there are other products and services tailored exclusively for enterprise customers and IT departments. We haven’t examined those services for this piece.
All of these VPNs provide all the assurance or privacy you get with any VPN. When anyone on your team connects to one of these services, their traffic is routed through an encrypted tunnel between their machine and a server operated by the VPN company (or by your company, but more on that later). Nobody, not even those on the same Wi-Fi network, will be able to monitor or intercept their traffic. Even ISPs will be blinded, and unable to sell anonymized data about their movements. Out on the web, your team members will have their true IP addresses hidden behind the IP address of the VPN server. They’ll also be able to spoof their locations by connecting to a distant server.
This doesn’t directly help your employees do their jobs, but it does protect their privacy and their data. Some VPN companies argue that it helps protect sensitive files and corporate data, but I’d argue that those shouldn’t be sent over any system that doesn’t already encrypt and protect them. Or, better yet, don’t let those files out of your secure network.
If your workforce travels often, or works remotely, they may frequently be in situations where the available Wi-Fi is far from trustworthy. Similarly, remote workers may need to spoof their locations to access localized versions of sites. Also, providing the tools and training to improve their privacy and keep themselves safe, may spill over to keeping your corporate information safe.
Keep in mind that your employees and your companies will still need basic security protection. Using password managers and two-factor authentication will help protect against account takeovers that can expose corporate data and be used for phishing attacks. Antivirus protects machines against malware that could cost valuable time and money repairing.
Several of PCMag’s top-rated VPN companies said that while they do not offer corporate or team options, they are aware that some companies do procure their products to secure employee privacy online. These include CyberGhost, Surfshark, and Editors’ Choice winner ProtonVPN.
Some of these VPNs go further, letting you access your local network and network resources as if your employees were physically on the network. Before the bewildering advent of consumer VPNs, this is what VPNs were primarily used for: connecting securely to work stuff. While terminology sometimes differs, the companies we spoke with usually call this a “site-to-site VPN.”
With this setup, all VPN traffic is routed through a server controlled by your company, usually on company premises. This lets employees access resources like shared drives, and work as if they were connected to their office internet. Jack Murray, Senior Researcher at NordVPN Teams, told me that this model has some issues. The on-premises server requires upkeep, and can become a bottleneck since all the VPN traffic has to flow through the corporate network. “The connection between the outside networks and the company network gets jammed at the edge — just as we saw with numerous companies during the COVID19 lockdown,” said Murray.
Like so many business operations, some VPN companies have moved to the cloud. In this scenario, traffic is routed from employees not through a server in your office but a dedicated server operated by NordVPN. “Allocating different connection capacities, the traffic is split into the flow that goes to the local network and the rest of the internet, instead of sending all traffic through local network as traditional corporate VPNs do,” explained Murray.
Golden Frog VyprVPN has a similar offering called VyprVPN Cloud. “Although the on-premesis server has similar characteristics, it is slightly different from a site to site VPN,” a VyprVPN representative told me. By connecting to a dedicated, cloud-based server, Golden Frog’s customers can securely access more company resources, not just those attached to an on-premises server. The representative explained that corporate customers can add the static IP address of the dedicated server to an access list, letting remote employees connect to cloud-based resources.
The differences between different setups can be very confusing. If you’re exploring purchasing a VPN for your company, it’s important to understand what you want a VPN to provide your team. Once you understand that, you can work with potential vendors and ensure that you’re getting exactly what you pay for.
Among the VPNs listed here, Encrypt.me, Golden Frog VyprVPN, and NordVPN allow for accessing corporate resources remotely. In some cases this can include on-site, dedicated server deployment. You should contact these companies for more information if this sounds right for you.
(Note: Encrypt.me is owned by J2 Global, which also owns PCMag’s publisher Ziff Media.)
Keep in mind that routing employee traffic through corporate networks can make things a little complicated. Unless there’s been some very specific configuration, anyone connected to the VPN will have all of their traffic routed through the corporate network. This might include some things that suck up company bandwidth, such as streaming videos, or may be against the policies of the company, like BitTorrent seeding.
It can also lead to embarrassing situations. An employee could easily forget they’re connected to the corporate VPN before streaming porn, or any content that’s inappropriate for the workplace. When using corporate VPNs that connect to private networks, be sure you know how they work, how to tell when they’re active, and how to shut them off.
When you connect your personal device to a VPN, all of your traffic flows through its infrastructure. If the VPN company chose to abuse that position, it could learn as much about you as your ISP. That’s different with some of the team and corporate options, since it might be your company that’s in control of the server. But signing on with any third party means being aware of the risks to your business and your employees.
Unfortunately, the consumer VPN industry is still fairly young and extremely volatile. It can sometimes be hard to tell who the good actors are. When we review VPNs for PCMag, we send the companies a questionnaire that asks about what country’s legal framework the VPN company operates under, what efforts are made to secure server infrastructure, whether the company sells user data, and so on. We try to include as much information as possible in our reviews so readers can make an informed decision. For one reader, a US-based VPN might be a total nonstarter. For another reader, being based in the US might be a critical need. Read our full reviews for more on how each service protects users’ privacy.
Again, it’s probably a different story if you’re hosting the VPN server yourself. But consider that your employees may be using the service’s commercial servers for day-to-day browsing, and may be using the VPN company’s app. If you’re looking at a VPN company, take some time to ask about their privacy policies, what protections are in place for your information, and what efforts they make to protect customers.
A VPN goes a long way toward protecting individual privacy. It can also protect your corporate data, whether it’s by connecting your workforce to a secure network or ensuring that your employees are safe in their day-to-day lives. While you can set up your own VPN, opting for a team or business account from a consumer VPN means you’ll get more servers, more support, and apps made for everyday use.
