Whether you watch YouTube, listen to podcasts, or spend any time on the internet at all, chances are, you’ve heard someone talk about VPNs. Maybe you understand the benefits for personal use, but why do companies use VPNs, and what should you consider before getting a VPN for your business?
What is a VPN?
VPN stands for Virtual Private Network. It is a technology designed to secure and separate traffic as it is transmitted across the open internet.
What does a VPN do?
A VPN functions by establishing a secure “tunnel” between the end-user and a secure server. A good visual might be to think of a VPN like the Channel Tunnel, which connects the U.K to France. By using advanced and varied forms of encryption, a VPN offers a safe route through the internet, much like the one the Chunnel provides drivers. In this example, the driver of a car represents the document you want to upload to the server at the office while you are at home.
First, your PC digitizes the information and places it in the car. The driver, your document, can then travel safely from one end, your computer, through the ocean that is the internet to the other side. Your document then hops out of the tunnel, dry and safe from any prying eyes, arriving at your office’s servers. Thus, even if someone were to dive and ‘inspect’ the secure tunnel, they would not be able to see the information or driver passing through inside it.
How Does a VPN work?
The tunnel established to make a VPN must first reach out from the client to the server or firewall on the far end. It does this by reaching out to a predetermined address and establishing a request for connection. What follows is a complicated digital handshake conversation. The conversation is unique to the tunnel and encrypted or scrambled by the firewall which protects the internal network. This handshake is used to verify the identity of each side. Once established, it allows each side to pass information back and forth. All of the data that is passed over this connection is packaged and encrypted. It cannot be read by anyone who might try to capture the information while it is en route to either end of the tunnel.
Why do Companies Use VPNs?
Once established, this secure ‘road’ between your PC and the protected network of your office has a number of uses. Firstly, this connection allows a user’s computer to appear as though you were in the office. This has a host of implications. Most importantly, it serves as a secure means to access and contribute to files stored on the server at the office. This data continuity is vital in support of a comprehensive Disaster Recovery Plan. A recovery plan is a necessity for every company and should entail regular backups of the servers and the files therein.
Secondly, this tunnel allows all internet traffic from the user’s computer to be directed through this tunnel. While this can lead to longer load times, it ensures that users are protected from a wide range of ‘man in the middle’ attacks. For networks hosting sensitive company data, the initial process of setting up a VPN should be conducted by a knowledgeable network engineer. This ensures that the receiving end of the tunnel is properly configured. To set up a VPN as a client, a user needs to download the VPN software, input the appropriate server information, and provide their assigned credentials.
Hardware VPN vs. Software VPN
The primary difference between a hardware VPN and a software VPN is where the processing occurs. A hardware VPN device is a dedicated piece of equipment with its own processor and traffic regulation policies. Often a hardware firewall will offer VPN capabilities given the natural synergy with the rules-based network monitoring already present. Businesses most often opt for a hardware VPN device over a software VPN. Hardware VPNs can provide added security, configuration options, and speed.
A software VPN is an application that runs on a server. It can be connected to by anyone who has the client installed on their machine. Software VPNs are typically consumer products. Users can pay a monthly fee to use a variety of VPN servers across the world. The primary draw of a software VPN is scalability and affordability. Both types of VPNs will see a decrease in overall network performance, given the added hops involved in sending all traffic to the designated VPN device. Typically, software VPNs will experience a more significant decrease in network performance. This is because the servers being used are shared with thousands of other users at various points throughout the day.
What does a VPN NOT do?
A VPN does not scan the contents of information or traffic being passed between a user and the firewall or server. This is important to keep in mind. If a personal PC becomes infected with a virus and connects to a VPN, the virus can potentially spread to the office network. For this reason, best security practices would have employees only using company computers to connect via VPN to their internal networks. In doing so, the company can ensure that enterprise-grade anti-malware and anti-virus software is always running and up to date on the device.
Additionally, it is important to note that using a VPN does not totally protect your company from ransomware. This secure network can provide protection against two of the top five most common vectors for ransomware infection, RDP exploits, and visiting compromised websites. It does not protect your company from them all, however. A vast majority of ransomware comes from the opening of malicious emails and their attachments. While in the office, employees are often protected by multiple layers of defensive measures. Even if an email gets through with a malicious payload, the infection is quickly spotted and quarantined. Personal email rarely has these same features. This poses a potential risk to a company network if the personal devices are connecting to an otherwise secure environment.
To learn more about how to keep your work machines safe, contact a member of your Chortek team today. You can also reach out to us via the form below.