Since the data is encrypted in VPN, obviously the data sent from the user to its destination is secured. Despite that, the data has to be moved as the employee wants. Hence, extra precautions are needed to be taken for security. With VDI, nothing can be done except restricting the data flow. Therefore, VDI has to be configured in such a way that it never leaves the corporate network. Thus, when it comes to security, VPN is a winner.