A Secure Way to Connect to Networks: Why you Need a VPN
Across industries, we have seen a gigantic push to work-from-home thanks to the pandemic. Many businesses and organizations have seen benefits from this, from work flexibility to reduced overhead costs, and are planning on keeping the work-from-home strategy in some form. Networks have been stressed with this push. Not all networks were designed to be accessed from home. We have seen a spike in cyberattacks over 2020 and see the trend continuing into 2021.
How do you keep yourself, your data, and your network safe and secure? One method is a Virtual Private Network or VPN. VPNs allow you to create a secure connection to another network over the internet and were originally created as a secure way to connect business networks together and allow you to access your business network from home.
What is a VPN?
A VPN is a secure internet connection using an encrypted tunnel that protects your data and ensures your online privacy. A VPN works by first sending a DNS request, which is how you get the IP address of the VPN server. Next, secret keys are built, which are needed for the next step. The third step in the VPN process is using the secret keys to create a secure channel. Lastly, VPN protocols encrypt your data using the secure channel.
When you turn on a VPN, your web traffic is encrypted and routed through the tunnel to a server operated by the VPN company. Once it reaches the VPN server, your web traffic exits onto the public internet. This protects you in many ways. The VPN encrypts your online data, which helps secure your personal information when you connect to a public WiFi; think of your favorite coffee shop, hotel, or airport. It also protects your web traffic from your ISP (Internet Service Provider).
On a tangent attached to your ISP, your ISP has access to everything you send (your web traffic) and has been permitted to sell your anonymized information to advertisers. When you are on the internet without an encrypted connection, advertisers can track your movements between websites and even find your location by looking at your IP address.
Why use a VPN
We’re going to focus on why you would use a VPN for commercial reasons, but we will cover a few other uses as well.
For work, a VPN creates a connection between your device and the organization’s network. Say you own a business located in St Petersburg, FL but you have a meeting in Tallahassee, FL. While you’re on the road, you can connect to your business network via a VPN, allowing you to securely access files from the business network.
You may also use a VPN for security. Using a VPN encrypts your connection, preventing others from seeing the data you’re transferring. This keeps your connection and data secure, especially when you’re connected to a public WiFi network.
On a more personal level, using a VPN also hides your activity from your ISP. Some ISPs may throttle your connection speed based on content. For instance, you may stream a lot of videos (Netflix, Youtube, Disney+, and more for the cord-cutters) and when they throttle your speed, your video may become grainy, dropping the resolution. Your video may pause to buffer, or you may not even be able to watch some videos. Using a VPN sends all of your traffic to a single point through an encrypted tunnel, preventing your ISP from knowing what kind of content you’re viewing.
When you connect to a VPN, it routes your traffic through another network located elsewhere. For example, you may live in St. Petersburg, FL, and use a VPN that routes your traffic through Switzerland meaning, it appears as though you’re accessing the internet through Switzerland. This allows you to cross geographic barriers to some content that is available in one region but not another. This also helps in the sad situation of censorship. Many people live in countries with high levels of censorship and covert monitoring. VPN’s are one of the best ways to get around censorship and monitoring.
What VPNs Do Not Do
Just because your using a secure VPN does not mean you can forget about your security basics. Many VPNs claim to have the ability to block malware but we recommend you stay vigilant. 2020 has seen an increase in cyber attacks and we recommend you still use a standalone antivirus.
VPNs do not block Phishing attacks either. Phishing attacks are when a cyber attacker uses a fake website that is a lookalike to another website, tricking you to enter your login credentials. Or when a cyber attacker sends a phishing email, luring you into clicking a malicious link. Remain aware of these cyber-attacks so you do not fall victim to one.
Websites can track your movements through cookies (remember all those pop-ups you need to click to approve cookies?), browser fingerprinting, and other means. Use a dedicated ad-blocker to make it harder for advertisers to follow you around the internet.
How to Choose a VPN
Not all VPNs are the same, some differing a great deal. You may first begin with your budget. Some VPNs are free, while some have a cost which may vary significantly from one company to another.
Another point is privacy. When you connect to a VPN, the VPN has as much insight as your ISP would have. While we would like to think that any VPN would never sell our data, you should read through their privacy policy, which will outline what they do to protect or not protect your privacy. You may also want to know where the VPN company is based, what jurisdiction the company operates under. Certain countries do not have any data retention laws. Other countries do, requiring the VPN company to hold onto certain information of their users.
What protocols does the VPN company support? Not all VPNs are equal, and you should go with the one that most aligns with your needs. Here are the different protocol options:
- OpenVPN: an open-source VPN that is fast, secure, and works best for long-distance connections.
- IKEv2: A fast VPN that works best for shorter distance connections.
- PP2P and LT2P: Outdated protocols that do not offer the security nor reliability of OpenVPN or IKEv2.
- IPSec: A security protocol that enables encryption that is used in combination with outdated protocols such as PP2P and LT2P.
- Transport Layer Security: SSL/TLS is used frequently (I.e. in your browser securing your connection to some degree).
- Secure Shell (SSH) VPN: A tunneling protocol used to connect from one VPN server to another.
- Wireguard: A newer communication protocol.
In the end, it all comes down to trust, which company do you trust with your data that is inside your budget.