Protecting Home Offices: Full-tunnel VPN vs. Split-tunnel VPN

All posts

The transition to work from home was a significant change in people’s lives and the ways businesses operate. Some people were provided company devices to work with, while others have no other choice but to use their personal equipment. Whichever case applies to your work, there are IT security implications to consider.

The main problem is that access to classified data cannot be easily transformed for home use. Nevertheless, home networks must have corporate protection layers while at the same time remaining flexible enough to keep other household members going on with their day-to-day activities, gaming, streaming media and online shopping. This is where the challenge becomes especially tough – how to offer tight protection and, at the same time, stay flexible to each user’s needs.

Whenever people work from home, there are two typical scenarios of how they can access company resources in recommended ways with the help of VPNs. One is called the full-tunnel VPN scenario; the other is the split-tunnel VPN.

Full-tunnel VPN: Costly 

In a full-tunnel VPN scenario, whenever the user connects to the enterprise network, all network connections go through the enterprise network. Whenever the user starts a new YouTube video or Netflix movie, all network packets traverse through the enterprise network. Supporting this scenario for all employees might involve upgrading costly business Internet connection lines, network equipment, VPN servers, etc.

Split-tunnel VPN: Risky

In a split-tunnel VPN scenario, only packets where the destination is in the company are routed to the company network. IT teams must set up new VPN connections for many users recently, and many IT teams choose a split tunnel. In many cases, companies had to switch from full-tunnel VPN to split tunnel due to infrastructure that is incapable of working under the extensive full-tunnel VPN load. As there is no one-size-fits-all in risk management, each company should calculate the cost difference between the full- and split-tunnel VPN scenarios, and measure this against the increased risks of malware infection, phishing attacks, etc.

Diversifying Protection Is the Biggest Challenge of Spring 2020

The work environment must be secure, and the home environment must be protected while at the same time providing freedom of choice and actions for kids and people with different needs. Diversifying protection means is where the biggest challenge of spring 2020 lies. ISPs have one problem arising with increased network usage: increased attempts to compromise, attack and exploit home Internet users who might not be fully aware of how dangerous specific parts of the Internet are. However, operations cannot stop, and these challenges have to be overcome in order to ensure safe home work environments.

Other posts by Zoltan Balazs

header image
IoT Labs
Cybersecurity Labs
Labs