I suppose being in the IT / DN echo chamber on Reddit has skewed my perspective, but according to this report for pesonal use it’s 26% and rising as of last year.
https://www.security.org/resources/vpn-consumer-report-annual/
I believe that includes mobile, desktop, and dedicated hardware, but still backs up my sense that a blanket ban on VPN usage could be problematic for a firm to implement.
You’re right they wouldn’t know exactly the reason, but it could be a start to an investigation as an indicator of compromise. The SOC isn’t there to find people breaking company policy but sometimes company policy intersects with cybersecurity and in this case it might be an indicator that someone is attacking the company.
A few minutes of researching conditional access stuff leads me to believe this is heavily dependent on the team monitoring this and if they have the time to follow-up on every alert and aren’t already alert-fatigued.
This was a pretty straightforward reference on the kind of risk events that can be generated if a user is trying something like NordVPN/TOR and the company has appropriate conditional access policies in place.
https://dirteam.com/bas/category/azure-ad/identity-protection/
Additionally this Reddit thread was a bit helpful and some of those folks mentioned how much of game of “whack-a-mole” it is to block IPs of known VPN providers.
https://www.reddit.com/r/AZURE/comments/u0itid/conditional_access_to_block_consumer_vpn_services/
OP might have had better luck testing StarVPN (they provide dedicated residential IPs) PRIOR to leaving their home country and developing a good long-term behavior profile instead of just using AzureVPN.
Also found this pretty cool write-up on AzureAD conditional access from an attacker’s perspective. https://danielchronlund.com/2022/01/07/the-attackers-guide-to-azure-ad-conditional-access/
Fortunately most people don’t believe in limiting someone’s lifestyle choices because they think the person makes too much money. Also not sure why you’re in this sub if the nomad lifestyle is that offensive/unethical to you. I’m not trying to be an asshole, just genuinely curious.
Companies that care to block or notify based on your geolocation care enough to block or notify based on cheap public VPN use
From the understaffed fintech startup world it’s usually less work to just click the “block all the things” box and adjust down from there. We geoblocked most of the planet and all of the VPNs we could find
If we’re stuck actively playing whack-a-mole then it’s just a matter of time before you get whacked. If your traffic always comes from your bro Steve’s apartment in San Ramon like was suggested in the post I replied to you’re effectively hidden.
Fortunately most people don’t believe in limiting someone’s lifestyle
choices because they think the person makes too much money.
You completely missed the point. No one is “limiting someone’s lifestyle”. If you are living in an area making 10x the salary of the locals, you’re willing and able to pay a lot more for rent than they are. Land lords take the higher amount and eventually locals can’t afford to live there anymore.
Have you folks tested your configs using any of the commonly known VPN services?
EDIT: Found some older comments from PIA where they state they’re rotating IPs to their servers. The VPN setup from Steve’s apartment is still better, my only beef is the potential bandwidth problems.
“However, I can tell you that 3-4 regions usually have fresh IPs at any given time”
“Where you wish to whitelist our IPs, there are many who would instead blacklist us”
What’s the solution here? Would you not allow people to move to that area?
They’re still data centre IPs, not residential. Lists of those are easy to go by.
As someone who did the vagabond (“digital nomad”) thing before it was popular, I can tell you the solution is to make ethical choices. My parents come from poor countries, and right now people are visiting and giving money to municipalities that misuse the money and let the locals fend for themselves. Oh, but what a joyous occasion a digital nomad is experiencing “local” life, while driving up prices, etc. The solution is to choose a destination that is conducive to the nomad and the local population. Unfortunately, I subscribe to this r/ to see just how many people ignore that, and it’s a lot.
My parents come from poor countries as well and I have not heard any complaints from family regarding nomads. It varies country to country but I don’t think it’s as widespread an issue as you are insinuating. As long as you’re not an asshole and respect the culture there should be no issues.