You don’t want sensitive business data and customer information stolen by cybercriminals. That’s where a virtual private network (VPN) comes in.
A VPN secures your internet connection, protecting it from prying eyes and cyberattacks. Originally the purview of large corporations, where it’s considered among the best practices for network security, VPN technology is now readily available for small businesses.
Yet not only are cyberattacks on the rise, but they’re also getting increasingly sophisticated, making them difficult to stop. Even a standard VPN isn’t enough security for some.
Enter the multihop VPN. Also called a “cascaded VPN” or “double VPN,” the multihop VPN raises the bar on the traditional VPN approach, delivering unprecedented security and privacy.
But is it overkill for your needs? Let’s check out a multihop VPN’s pros and cons to answer that question.
Overview: What is a multihop VPN?
To explain a multihop VPN, it’s necessary to first understand how a standard VPN operates.
- As you surf online, you’re sending data, such as which website you want to visit, to a single server operated by your VPN provider. The VPN software on your computer encrypts this data before it’s sent to the VPN server.
- A VPN creates an encrypted connection, called a tunnel, between your device and the VPN server so your data cannot be easily intercepted by cybercriminals.
- Once your data arrives at the VPN server, it’s decrypted, adopting the IP address of the VPN server (so your request appears to come from that server, not your device), and then is sent to its final destination.
This standard VPN setup is sufficient for many internet users. But inherent limitations exist.
- A single VPN server makes it possible to correlate website traffic coming out of that server with the devices requesting those sites. This traffic correlation allows an outsider to identify your activities.
- Compounding the problem is the fact most VPN providers, such as NordVPN, rent servers from data centers owned by other companies. This limits a VPN provider’s ability to prevent a security breach.
- If those data centers get hacked, as was the case with NordVPN in 2018, attackers can gain access to the data necessary to perform traffic correlation.
A multihop VPN improves on a standard VPN. Here’s how a multihop VPN works.
- Your internet traffic is hopping between two or more VPN servers before arriving at its destination. These servers are usually located in geographically disparate places, such as two different countries.
- With every hop, your internet activity receives a layer of encryption from each VPN server.
- Each new server only receives the previous server’s IP address, increasing your anonymity with each server hop.
- By the time your internet traffic arrives at the destination site, it’s undergone several layers of encryption and multiple IP address changes, making it virtually impossible to track back to the original computer.
Two approaches to multihop VPNs exist: a cascaded connection and a nested chain configuration.
VPN cascading commonly uses a single VPN provider. Several vendors offer a double-hop VPN, where you’re using two VPN servers, and some offer hops across up to five VPN servers.
The nested chain method employs two or more VPN services using multiple VPN servers. This approach offers greater security.
If a VPN vendor suffers a hack, you’re still protected by the additional services. But a nested VPN chain configuration isn’t commercially available, so you must set it up yourself.
Advantages of using a multihop VPN
The benefits of using a multihop VPN are hard to beat. It delivers better security, privacy, and anonymity.
The encryption afforded by a standard VPN is enough to stop criminals from accessing your data, but traffic correlation is still possible. A multihop VPN blocks this type of sophisticated attack, providing even greater endpoint security for your device.
A multihop VPN’s web of VPN servers and corresponding IP address changes ensures an attacker cannot correlate traffic exiting a server back to your device. The attacker may see a VPN server’s encrypted traffic but won’t know if this is the final server or an intermediary.
A multihop VPN provides superior privacy. The first VPN server has your IP address but the one at your destination does not. The last VPN server has your destination but not your original IP address, only that of the previous server.
Since your IP address changes several times through this VPN chaining, an attacker would need to monitor each of the multiple VPN servers involved, and even then, would have to guess which of the traffic heading to the destination is yours. This makes it nearly impossible to track online traffic back to you.
Several forms of online restrictions exist. An oppressive government may block access to websites. Some content, such as a streaming web series, may be available only in a specific geographic area. So if you’re traveling, you may lack access to the same content you had back home.
A VPN lets you bypass such restrictions. Your internet traffic appears to come from another geography, specifically, the VPN server’s location. This allows you to access blocked content, and a multihop VPN ensures such activity isn’t traced back to you.
Disadvantages of using a multihop VPN
Every technology has pros and cons. While a great tool for internet privacy and security, a multihop VPN comes with some downsides.
Slower online connections
Slower internet speed is a reality of forgoing a direct path to your destination. Traveling through multiple servers naturally prolongs the time required to arrive at your destination. Add to this the time it takes to travel the distance between VPN servers, which span the globe. And that’s not all.
The process of encrypting and decrypting your data also increases the time required to complete your online activities. You’ll need a fast internet connection to begin with, or you’ll really feel the hit on speed.
Using a multihop VPN requires more computing resources from your devices. Your smartphone or laptop must encrypt and decrypt all data coming and going online.
This can slow down your device performance, particularly for older devices with limited computing power.
Is a multihop VPN right for you?
A standard VPN’s encryption sufficiently protects the confidentiality of your online messages or site visits from cybercriminals. So whether a multihop VPN is necessary depends on your specific needs.
When a multihop VPN makes sense
Using a standard VPN is important for any business given the rise in cyberattacks. Taking that extra step to adopt a multihop VPN is particularly necessary in these scenarios.
- Privacy is important: ISPs (internet service providers) and virtually every website you visit are collecting data about you. If your work involves interacting with or research into sensitive subject matter, you may not want these external parties having visibility into that work. Political activists, celebrities, and journalists protecting their sources can find value maximizing online privacy through a multihop VPN.
- Censorship limits access: Many services limit internet access based on your geographic location, or you may be barred from certain online activities due to government censorship, as is the case in some countries. Since a multihop VPN masks your true IP address, you can circumvent these blocks. In the case of a repressive regime, you need the extra protection of a multihop VPN to ensure your activities aren’t tracked back to you.
- Data security is a must: While typical cybercriminals don’t have the time and resources to crack a standard VPN’s encryption, governments do. If avoiding decryption by external entities is important to you, a multihop VPN’s added encryption layers are an asset.
When to skip the multihop VPN
For most, a standard VPN provides enough online security and privacy. A multihop VPN is overkill in these cases.
- Typical internet use: Most internet users can enjoy excellent protection through a standard VPN, and by exercising safe online habits such as visiting only secure websites (those using https in their URLs). A multihop VPN’s advantages won’t outweigh its downsides for typical internet use.
- Speed is essential: Skip the multihop VPN if you’re working with a slow internet connection or otherwise can’t afford a multihop VPN’s reduced speed. For example, streaming video can become unwatchable with a multihop VPN’s slow connection.
- Cost is a factor: A multihop VPN is not for a tight budget. Adopting a vendor’s VPN service requires a subscription, and since multihop VPNs are not in high demand, they can cost more.
Final advice about multihop VPNs
If you feel a multihop VPN is for you, ensure VPN vendors provide multiple layers of encryption. Some only provide a single layer and simply forward your traffic from one VPN server to the next without applying additional layers.
You also want to confirm the VPN vendor will not keep logs or otherwise track your online activity. Even if the vendor does nothing with this data, having it means it’s susceptible to theft, or at minimum, subject to governments seizing it.
Online anonymity is the biggest benefit of a multihop VPN. So you should only work with a reputable provider with a proven track record of protecting your privacy.