VPNs are a great way to secure offsite wireless traffic. Requiring teleworkers to VPN into a company network lets that employer ignore whether or not the worker's home network is secured. Requiring hotspot visitors to VPN into a company network makes even more sense, since employers clearly have no control over the security used in public Wi-Fi hotspots, or lack thereof. And, as I mentioned earlier, mobile VPNs excel at not just encrypting over-the-air wireless traffic, but making network connectivity more usable for devices that roam between coverage areas.
On the other hand, using VPNs to secure onsite corporate wireless traffic is now declining. When wireless networks were limited to WEP, VPNs were the only way to reliably encrypt over-the-air traffic. But every Wi-Fi access point shipped in the past four years supports more robust wireless security. Given the choice, more companies opt to use the WPA or WPA2 encryption built into their wireless access points, rather than adding the overhead and complexity of a wireless VPN gateway. It is not that VPNs are a bad way to secure on-site wireless traffic -- but given advances in Wi-Fi security, VPNs are no longer the easiest or cheapest way to do so.
This was first published in December 2007