Without encryption, remote access would not be possible: it would be all too easy for a man-in-the-middle attack to occur and for confidential information to be intercepted. This is why remote access tools use a cipher and key to encrypt data from the endpoint to the destination. The protocol used to set up the encryption is equally important, and both need to be carefully considered when choosing an enterprise remote access tool. But why do the remote access protocol and encryption method matter?

Common protocol and encryption methods

Point-to-point tunnelling protocol (PPTP)

The first widely used encryption protocol, the Point-to-Point Tunneling Protocol (PPTP), dates back to 1995. While PPTP is extremely fast and is supported by every major operating system, vulnerabilities were discovered in it as early as 1998. In 2013 it was revealed that the NSA routinely decrypted PPTP traffic, which led the security community to state “PPTP traffic should be considered unencrypted”. Surprisingly, some remote access tools still use PPTP despite this.
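A defender's check for the lingering PPTP use mentioned above, as an added example that is not part of the original article: it scans flow records for PPTP's control channel (TCP port 1723) and its GRE data channel (IP protocol 47). The CSV layout, the sample records and the function names are constructed for illustration.

```python
import csv
import io
from collections import defaultdict

PPTP_CONTROL_PORT = 1723   # TCP control channel used by PPTP
GRE_PROTOCOL = 47          # IP protocol number of GRE, which carries PPTP's tunnelled data
TCP_PROTOCOL = 6

# Constructed sample flow records (hypothetical export format: src,dst,proto,dport,bytes).
SAMPLE_FLOWS = """src,dst,proto,dport,bytes
10.0.4.17,203.0.113.10,6,1723,4200
10.0.4.17,203.0.113.10,47,0,981234
10.0.4.22,198.51.100.7,17,1194,55321
10.0.9.3,203.0.113.10,6,443,120044
10.0.9.8,192.0.2.44,47,0,7800
"""

def find_pptp(flow_csv):
    """Return {(src, dst): {"control", "gre", "bytes"}} for PPTP-like flows."""
    hits = defaultdict(lambda: {"control": False, "gre": False, "bytes": 0})
    for row in csv.DictReader(io.StringIO(flow_csv)):
        proto, dport = int(row["proto"]), int(row["dport"])
        is_control = proto == TCP_PROTOCOL and dport == PPTP_CONTROL_PORT
        is_gre = proto == GRE_PROTOCOL
        if not (is_control or is_gre):
            continue  # e.g. OpenVPN on UDP/1194 or plain HTTPS is out of scope here
        entry = hits[(row["src"], row["dst"])]
        entry["control"] |= is_control
        entry["gre"] |= is_gre
        entry["bytes"] += int(row["bytes"])
    return dict(hits)

def classify(entry):
    """GRE alone has other uses; GRE plus a TCP/1723 session strongly indicates PPTP."""
    if entry["control"] and entry["gre"]:
        return "pptp-tunnel"
    if entry["control"]:
        return "pptp-control-only"
    return "gre-only"

def report(flow_csv):
    """Map each (src, dst) pair with PPTP-like traffic to a verdict string."""
    return {pair: classify(e) for pair, e in find_pptp(flow_csv).items()}

if __name__ == "__main__":
    for (src, dst), verdict in sorted(report(SAMPLE_FLOWS).items()):
        print(f"{src} -> {dst}: {verdict}")
```

Pairs reported as `gre-only` need manual review, since GRE also carries non-PPTP tunnels.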

OpenVPN

OpenVPN is the most common encryption protocol today and is regarded by security professionals as one of the most secure VPN protocols currently available. Created in 2002, OpenVPN uses SSL/TLS technologies to set up encryption, commonly AES-256. Unfortunately, this means that OpenVPN does not provide particularly fast connection speeds, because the high-end encryption and advanced methods of encapsulating data require significant CPU overhead.

Additionally, the use of SSL by OpenVPN means that when connections are interrupted, a lengthy handshake process must take place to reestablish access. Unfortunately, small interruptions are common over wireless connections as users move between Wi-Fi access points, between cellular connections, and even between the two. The typical SSL connection requires 4 round-trip times (RTT) while encryption is set up, which contributes to the delay.

Modern remote access needs

Both PPTP and OpenVPN continue to be extremely popular amongst VPN remote access providers, despite their respective issues. Both were developed prior to the mass adoption of wireless data networks and mobile working, and are simply no longer suitable for the majority of modern business use cases. A remote access tool needs to meet a new set of requirements:

  1. Efficient protocols – Whether on a laptop or a mobile phone, many users work on their devices away from power sources. Any encryption protocol needs to be efficient so that the overhead does not consume too much CPU time and battery life.
  2. Speed and resilience – Many applications now run in the cloud, so low latencies are required to enable a smooth and productive end user experience. Additionally, as many users now rely on cellular or Wi-Fi connections, the access protocol needs to be highly resilient to interruption.
  3. High security – Cybercrime continues to grow year-on-year, so security needs to remain a priority for any remote access tool to prevent unnecessary breaches. Improving the speed and resilience of remote access or making the encryption more efficient cannot come at the expense of security.

A robust new approach

It is clear that the most common remote access protocols are not suitable for the modern challenges that a business can face. Discover some of the new technology standards that are reshaping the remote access landscape. If you would like to learn more about this technology and how it can help your business, please get in touch with one of our experts.
