#howitworks: Virtual Private Networks (VPNs)

The #howitworks series aims to help readers to gain a basic understanding of important technologies and related security implications. This series is a part of Cybersecurity Awareness Month, which is dedicated to raising awareness about cybersecurity issues and data protection.

What are VPNs and how do they work?

Most employers who have switched to the virtual work environment have mandated that employees utilize virtual private networks (VPNs) while accessing their home workstations. But what exactly are VPNs and how do they contribute to secure Internet browsing? VPNs are networks that use encryption to build a logical path between a user and a destination network (such as an employer’s network). VPNs enable remote access to networks, meaning a user can utilize resources from anywhere in the world regardless of physical connectivity.

There are 2 main types of VPNs:

1. Site-to-site: connects individual networks to each other

2. Client-to-site: connects users to a corporate network (also known as remote access)

The term encryption is frequently used in the cybersecurity industry, but how exactly does VPN encryption occur? Unlike standard wireless networks (such as public Wi-Fi), VPNs encrypt all communications between the user’s computer and the destination server. Specifically, VPNs create a tunnel between the user device and the Internet, allowing information to be exchanged privately and anonymously so that the data cannot be traced or intercepted by hackers. Any individual or machine attempting to read this encrypted information would only be able to see strings of random characters. Encryption over VPNs occurs via particular network protocols that aid in the transmission of data between different devices on the same network.

There are 2 main types of VPN encryption protocols:

1. Secure Sockets Layer (SSL)/Transport Layer Security (TLS): A technology protocol that secures network communications at the application level; in other words, SSL/TLS provide security to any user application within a network, such as web browsing, emails, and Voice over IP (VoIP) systems.

2. Internet Protocol Security (IPSec): A collection of protocols that secures network communications at the network level; in other words, IPSec provides secure, remote access to the general network resources, as opposed to individual applications.

A Traveler’s Dream

VPNs are not just for office purposes. Because these networks ensure data privacy, utilizing a VPN can help bypass blocked or censored websites in certain countries. This is because VPNs allow users to change the location of their IP address, and therefore, Internet service providers think they are browsing from another country and grant access. For example, some Netflix shows are not available to viewers in every country. Therefore, utilizing a VPN could help users stream their favorite shows by utilizing a server in their home country where all the content is available. Problem solved!

VPN Best Practices

While browsing the Internet via VPNs can help protect data, here are a few things to bear in mind when using them:

• If possible, avoid using free VPN services. Paid VPNs are usually faster and more trustworthy because the data is managed by one particular company. With free VPNs, there is no guarantee that user information will not be sold to third-party companies.

• Always use VPNs on untrusted networks. When working on an untrusted network, such as the public Wi-Fi in coffee shops or hotel rooms, it is best practice to use VPNs. It is less necessary to utilize VPNs when connected to more secure networks, such as private home Wi-Fi. A general rule should be to ask yourself the question, “Who is controlling this network?” If the answer is anything but, “Myself,” then the VPN is the best choice.

• Remember that VPNs are just one part of the cybersecurity puzzle. While VPNs are an excellent way of increasing security, there are additional measures that users should take in order to protect their data. Taking actions such as employing multi-factor authentication, antivirus and antispam software, and regular system updates will also help to mitigate risks.  

Although Cybersecurity Awareness Month 2021 is almost over, we want to continue spreading awareness during all 12 months of the year! If you would like to learn more about a specific technology, leave a comment down below with your suggestions!