To VPN or not to VPN?
GDS was asked by an employee of a client about VPN. We were asked should they run VPN at home for normal internet use even when they are not accessing company information. The answer we gave them is it depends.
VPN is a way to encrypt and secure your network traffic. This is usually done with corporate networks to allow employees to access company resources while outside of the office. This is the most common use of VPN software. Now public WiFi is free almost everywhere you go and hotspots are getting fast enough to not hesitate to use them so you have to start wondering who can see your network traffic/usage.
In short, the answer we gave this user was if you are using your home internet and it is secured with WPA2 and only people you trust are on this network then you probably don’t need VPN to secure your internet usage. If you are using free, shared, or public wire/wireless then VPN might be a good fit for you. It also will depend on what you are using the internet for. If it is to look up a recipe, that is far less of a concern than checking your bank account.
Another reason someone might want to use VPN is to bypass internet restrictions. For example, if you are at a hotel and they do not allow streaming media, you can connect to your VPN and they will not be able to tell that you are accessing the streaming media service while on the hotel network.
Here is an example of how your data could be compromised and how VPN could help prevent this. Lets assume you are at an airport and you want to connect to the VIP WiFi network while you wait for your flight to land. Normally you won’t be able to connect to this, but for some reason you were provided VIP access to the lounge for free while you wait for your flight. You connect to the wireless network with the strongest signal and it doesn’t require a password. You are happy, you get to access all your social media and any other service while you wait. What you do not know is a malicious user is sitting directly on the other side of the wall from you and they are the ones broadcasting the same wireless name as the airport but theirs does not have a password on it. This is the one you connected to without knowing there is a difference. Now, this malicious user is performing a man-in-the-middle attack. Basically, you are connected to their malicious WiFi connection and they are routing your internet traffic through their device and capturing all the data you are sending/receiving. Then they are passing you through to the correct network connection so you think your internet is working properly. Since you are not using a VPN connection, all of your network usage is stored on their PC. This may include URLs, names, passwords, account numbers, etc. If you did use a VPN connection that is encrypted, your data would be encapsulated in a secure tunnel that would not allow this malicious user to see your date/usage.
Not all VPNs are the same. Some log your traffic on their servers, some don’t provide high encryption, and others are very slow. Reach out to us if you would like more information about VPNs, man-in-the-middle, or ways that companies try to prevent the example above. Also, remember to send us the topic of the next article.
- Secure all network traffic
- Easy to use
- Seemlessly use the internet like you normally would
- Ability to bypass certain content or geographical restrictions
- Decrease in internet speed
- Some are complicated to setup or have a monthly usage charge
- Some VPN providers may log your internet usage