Virtual Private Networks, or VPNs are in hot demand right now for obvious reasons. They are one of the key pieces of technology a business can use to enable remote working and allow their workforce to access their data in the office from anywhere. It is however important that they’re configured correctly or you could be opening yourself up for attack.
The main use case for a VPN is to enable remote working. Jeff from HR wants to look at some payroll documents on the company shared drive. With a VPN he can connect into the shared drive and access the company data as if he was physically in the office, this technology has allowed thousands of businesses to continue operating.
But there are other use cases as well.
Take Janice. She doesn’t need to log onto the VPN as all the work she does is on cloud-based software. She’s sat in a coffee shop getting some work done via the Free Complimentary WiFi! However, what Janice doesn’t know is that anyone connected to the same WiFi can see the data going to and from her laptop, and prying eyes can ‘sniff’ the network traffic and take a look.
So what’s this got to do with a VPN? Well, if Janice uses a VPN, it “tunnels” her connection back to the office. Think of the Eurostar tunnel, the train is the data and the sea is the big wide internet. The sea never sees what’s inside the tunnel, and the train never enters the sea. So the data is protected from prying eyes trying to get a hold of the data, it’s only seen by Janice’s laptop and when it leaves the other end of the tunnel in the office.
This doesn’t just go for work either. You may have seen adverts on YouTube for various VPN providers. These are all there to help protect your online identity by making sure you are anonymous so that people like your Internet Provider can’t see what your internet habits are or if you really fancy watching something on Hulu you can choose to make it look like you live in America (not that we would ever condone such Terms of Service breaking practices…) it’s all the same technology, they just make it so your tunnel comes out of America.
As I said before, it’s key that this is all setup correctly to keep yourself secure. Thinking back to my Eurostar analogy, if they built the tunnel out of clay I don’t think it would take long for it to collapse, and a poorly configured VPN could be broken into very quickly, so be sure to work with your IT provider get it setup securely.
“Be sure you are using two-factor authentication”
One final note. If you are planning a VPN into your office, remember this is an entry point into your office network and should be guarded as closely as a key to the front door. If you are going to setup a VPN, make sure it’s protected by 2FA as the whole design of a VPN is that you can access it from anywhere.
Written by James Rood