Advanced Virtual Private Networking

by Tracy Shuford    Second Quarter 1998 Aventail Corp.

Virtual Private Networking is being stifled by the computer-as-word-processor syndrome. In other words, virtual private networks, or VPNs, have not yet come close to reaching their potential. Companies recognize the cost-saving benefits of implementing a VPN to replace their leased lines and dial-up remote access systems, but most companies fail to recognize the possibilities beyond ROI.

Before enumerating the potential uses of VPNs, let's take a quick look at why they became popular in the first place.

  1. VPNs use the Internet as the backbone for global communication.
  2. The Internet is very affordable. The costs associated with dialing a local POP to reach the Internet are usually half that of dialing an 800 number to reach a corporate remote access server.
  3. The Internet is far-reaching. Countries and cities that were previously excluded from the global marketplace are now being included. New markets are opening up.
  4. Internet connectivity is much easier to manage in a dynamic network environment than leased lines or dial-up remote access.
  5. VPNs can leverage a company's existing hardware investments, though not all do.

Companies like 3Com, MasterCard, and numerous other Fortune 500s initially invested in VPN technologies to cut costs, but they are beginning to grasp the greater implications, namely the e-business opportunities. Why should VPNs only be utilized by remote employees? The same technology can be used to secure communication between a corporation and its partners, clients, and supply chain. The biggest obstacle to using a VPN for mission-critical business activities has been security, or the perceived lack of it on the Internet. It's true that not all VPNs provide adequate security for opening up a network to third-party users, but many deliver greater security and performance than leased lines or dial-up remote access.

Although the Internet seems to breed as many sketchy characters as Central Park, high-end VPNs create the equivalent of a completely secure, guarded tunnel through which information can be safely transported from one endpoint to another. The way to tell if a VPN is sturdy enough to protect the most delicate data from the most dangerous criminals is to verify that it contains all of the following:

  • Point-to-Point Security. Not all VPNs carry the encryption and authentication beyond network perimeters. Most, in fact, only secure traffic between LANs, which is fine when there are trusted parties on both sides. When third parties are involved, however, as with extranets, the security needs to be continued to the final destination.
  • User-Based Authentication. Many VPN solutions authenticate users based on their machine's IP address, but this approach is more susceptible to fraud than a system that authenticates individuals based on something like a password, PIN, token card, or fingerprint (the last of these being the most secure).
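
To illustrate the User-Based Authentication point, the following added example (not from the original article or any vendor's product) contrasts an address check with a per-user credential check. The IP addresses, user names and password are constructed, and a PBKDF2-hashed password stands in for whichever factor (PIN, token card, fingerprint) a deployment actually uses.

```python
import hashlib
import hmac
import os

# Constructed sample data: one allowlisted partner workstation, one enrolled user.
ALLOWED_IPS = {"192.0.2.10"}
ITERATIONS = 100_000


def derive_key(password, salt):
    """Stretch a password so the stored verifier is costly to brute-force."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def enroll(password):
    """Return (salt, verifier); the plaintext password is never stored."""
    salt = os.urandom(16)
    return salt, derive_key(password, salt)


USERS = {"alice": enroll("correct horse battery staple")}  # hypothetical user


def ip_based_auth(source_ip):
    """Machine-address check: whoever sends from an allowed IP is admitted."""
    return source_ip in ALLOWED_IPS


def user_based_auth(username, password):
    """Individual check: the person must prove knowledge of their own secret."""
    record = USERS.get(username)
    if record is None:
        derive_key(password, b"\x00" * 16)  # same work for unknown names
        return False
    salt, stored = record
    return hmac.compare_digest(derive_key(password, salt), stored)


def compare(source_ip, username, password):
    """Run both policies on one connection attempt and report each verdict."""
    return {"ip_based": ip_based_auth(source_ip),
            "user_based": user_based_auth(username, password)}


if __name__ == "__main__":
    # Unenrolled person seated at the allowlisted machine.
    print(compare("192.0.2.10", "mallory", "guess"))
    # Enrolled user connecting from an address the gateway has never seen.
    print(compare("198.51.100.7", "alice", "correct horse battery staple"))
```

The first attempt is admitted by the address check even though no enrolled individual is present, while the second is rejected by it even though the user is legitimate; the per-user check gets both cases right.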