To VPN or Not VPN
Does a VPN really keep your computer safe?
I am frequently told, "Our computer is safe because we use a Virtual Private Network (VPN).
Is that true? Is the computer safe, or is the person experiencing a false sense of security?
There are several types of VPN, and knowing the type you have will let you know where the strengths and weaknesses are.
In simple terms, what is a VPN and what does a VPN do?
- A VPN is sometimes described as a private pipeline through the public internet.
- A VPN may encrypt the content you send/receive between "points A and B" over the internet.
- A VPN may "hide" the location you access the internet from.
- There are many types of VPN that provide various types of services.
- Knowing what services your VPN provides is crucial to understanding your security.
If someone captures the information encrypted by a VPN, the information must be unecrypt it before it can be read or used.
If someone trys to locate where your computer is, to hack into your computer, they will have a more difficult time trying to find where you are.
If you are using the internet at an airport, resturant or other public location, a VPN may help secure your activity and computer from prying eyes.
In simple terms, your VPN only exists between where your information is encrypted (point A), and (point B) where your information is unencrypted.
Business uses of VPN
One of the business uses of a VPN is when a company has two or more physical locations. A VPN in each location can provide a more secure line of communication between the various offices. In other words the offices are "virtually" at the same location, linked by their virtual private network in each location.
Another use is when an employee needs to travel, or work from home. The employee can use the business' VPN to securely log into computers or information back at the office.
Personal or "commercial" VPN service
Again, VPN is a point to point service. Where the service begins and ends defines the limitation and extent of the virtual private network.
For example, if the VPN encrypts your information as it leaves your computer and goes out onto the internet, and is unencrypted at the service provider's location, from that point on your information is outside the VPN.
So, where does the "false sense of secutity" come in?
The false sense of security comes in by not understanding where "point A" and "point B" are.
- Is "point B" somewhere out on the internet, at a service provider's server?
- "Point B" is where your VPN terminates; out there somewhere on the internet is where your secure VPN stops.
- From where your VPN stops, to the website or other location you are going to, your communication is open and possibly not as secure as you think.
The bottom line is this:
VPN is good for what it does, but don't get lulled into a false sense of security using one.