As companies grow, they expand to more locations and have staff working from home or from other remote locations. For business to run efficiently, staff working remotely need a fast, secure, and reliable way to share information over computer networks. Field staff need an equally secure and reliable way to connect to their company’s computer network from remote locations.
Especially during a pandemic, many companies rely on the ability to connect from home to the organization’s information system. Users are given VPN access, the necessary rights are assigned to them, and that is it. But do users know what a VPN is?
Most of the technical explanations sound vague and are not easily understood by technically unskilled users.
What is a VPN?
A VPN (Virtual Private Network) provides a secure connection between you and the content you access. That content can be a website or your organization’s information system. A VPN is designed to send all data traffic through a secure, encrypted tunnel that prevents access to data in transmission by hackers, governments, Internet service providers, or anyone else who would like to access that data for any reason.
VPNs evolved from the need for companies to have staff remotely access the computer system, but with the same rights as someone who logged in from the company’s information system.
A VPN is an essential tool that helps organizations protect the information and data exchanged during operation, as well as protect access to the organization’s internal systems.
Basic principles of VPN operation
VPN services most often work on the principles of tunneling, encryption, non-logging, and server diversity.
1. Tunneling
VPN tunneling is the secure transfer of data from one point to another through a potentially insecure environment.
The simplest real-life example is walking from one location to another, where everyone can see you and anyone can intercept you. Now imagine a tunnel set up from one location to the other, with a barrier at the entrance where you must identify yourself to enter the tunnel, and another on the other side. In that case, no one sees you when you pass from one point to the other, and no one can intercept you.
The VPN works on the same principle, where all incoming and outgoing messages are packed and as such travel through that tunnel. No one can track or read them.
2. Encryption
Data that travels unencrypted can be intercepted and is easy to read, but a VPN uses advanced encryption techniques on the data that travels from one point to another, so if someone intercepts it, that data is unreadable to attackers.
Without a proper encryption key, no one can access this data.
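The tunneling and encryption principles above, as an added example that is not part of the original article: a Python sketch that packs an inner packet, encrypted, into an outer packet addressed to a VPN gateway, and shows what someone on the path can see. The cipher is a teaching construction built from HMAC-SHA256 in the standard library, standing in for the ciphers real VPN products use; the key, the addresses and all function names are constructed for illustration.

```python
import hashlib, hmac, json, os

# Constructed sample values (documentation address ranges, demo key).
KEY = hashlib.sha256(b"constructed demo key").digest()
CLIENT, GATEWAY = "192.0.2.10", "203.0.113.5"
INNER = {"src": "10.8.0.2", "dst": "10.0.5.20", "data": "GET /payroll/report"}

def _subkeys(key):
    # Derive separate keys for encryption and for integrity checking.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _xor_stream(key, nonce, data):
    # Toy stream cipher: HMAC-SHA256 in counter mode (teaching stand-in only).
    stream = b""
    for counter in range(len(data) // 32 + 1):
        stream += hmac.new(key, nonce + counter.to_bytes(8, "big"),
                           hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def encapsulate(inner, key, client_ip, gateway_ip):
    """Pack the inner packet, encrypted, into an outer packet for the gateway."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)  # fresh per packet so the keystream never repeats
    ct = _xor_stream(enc_key, nonce, json.dumps(inner).encode())
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return {"src": client_ip, "dst": gateway_ip, "payload": nonce + ct + tag}

def decapsulate(outer, key):
    """Gateway side: verify the tag first, then decrypt the inner packet."""
    enc_key, mac_key = _subkeys(key)
    blob = outer["payload"]
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified packet")
    return json.loads(_xor_stream(enc_key, nonce, ct))

def observer_view(outer):
    """What an eavesdropper on the path learns: outer addresses and size."""
    return {"src": outer["src"], "dst": outer["dst"], "size": len(outer["payload"])}

if __name__ == "__main__":
    packet = encapsulate(INNER, KEY, CLIENT, GATEWAY)
    print("observer sees:", observer_view(packet))
    print("gateway reads:", decapsulate(packet, KEY))
```

The observer's view contains only the client and gateway addresses and a packet size; the internal destination and the request are recoverable only with the key, and a packet altered in transit is rejected before decryption.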
3. No logging
This rule does not apply to organizations that need to keep records of system connections and user activities.
This applies to VPN service providers, especially those used for surfing the Internet, who often claim not to keep any records. Most often, they keep minimal records related to your login to their service, but generally do not track your searches and page views on the Internet.
Remember that this rule does not hold universally: some VPN service providers claim that they do not monitor and record your activities but do just the opposite.
4. Global server network
For a VPN to let you surf the Internet as if you were in another country, VPN services offer a multitude of servers located in different parts of the world, e.g. USA, China, India, Australia, Germany… Technically, you connect to another server, and through it you connect to the Internet.
In this way, you can access content that is, say, only allowed in those areas. A VPN server is software that helps you establish a secure remote connection. This software can be located on physical or logical servers, as well as on specialized devices.
How to securely use a VPN?
Although VPN, as a technology, is quite secure, one vulnerability is always present: the human factor. It is the person who must make sure that the environment in which he/she connects is safe from threats that can take advantage of the established VPN connection and break into the system of the organization. Some examples of additional protection are:
- Have malware protection in place, which prevents the installation of viruses and similar software that can access your organization’s data through your computer. Remember, when you are connected via a VPN, you very often have the same access as if you were inside the organization.
- Never leave your computer unattended, as anyone who comes to your computer can do damage equivalent to your rights to the system. That can be children, who will not do it on purpose, but it can also be someone who has malicious intentions.
- Follow all the security instructions of your information security manager, who will instruct you in the safe use of your organization’s VPN.
- If you are unsure, ask. If you notice anything suspicious, ask. It is better to ask than to do something that will expose your organization’s information system to a whole host of threats.
VPN is a very useful technology, but if all the risks of using it are not assessed, it can potentially lead to great harm to the organization.