What is a Virtual Private Network – (VPN)?
A VPN, Virtual Private Network, is a service added to your internet that lets you access the web privately and safely. It routes your connection through a server and hides your online actions.
From a user perspective, once the VPN is started, the software encrypts data before your internet service provider or WIFI sees it. The online destination sees your data coming from the VPN server and its location instead of your computer and location.
Without the VPN, your connection is open to anyone who wants to view your data. As a business, this can be detrimental to your information. Anything from financial reports to clients or customers and more.
The internet is made up of many servers responsible for storing websites and their information. When you connect to a site, your server is in communication with their server and data is shared. This allows you to browse a page and make purchases or gather information.
This is where privacy is lost, as you are allowing several sources onto your server to have access to any and all information. As one site explains, this is like taking a commercial airline flight in that there are many people responsible for routing your destination from one location to another. Everyone from ticket agents to baggage handlers all have your information handy to make sure you get where you are going with everything intact.
While you may not care that the ticket agent has your personal credit card information, as you needed to share that to purchase your ticket, the baggage handler has no need to have that information at their disposal. It could lead to information being stolen and used for other types of purchases. Some that you didn’t intend to make.
Using a type of security system to protect personal data is important to keep everything safe for future use, and to keep prying eyes from getting information they have no reason to use.
How Does a VPN Work?
In using a VPN, there is a barrier between you and the internet. So, when you start going online, your computer system is connected to this safe hub and from there the connection is made to the internet. This allows the internet to see only what the barrier sends out or receives to be seen by anyone who has ulterior motives. This also protects your viewing privacy.
Information that is sent from your computer to the VPN is encrypted, keeping personal information contained. No one can pry and have access to your information. It is much more difficult to hack into that system and add or change any files on your computer to allow them access to sensitive data.
Your identity is also hidden as sites see the VPN server as the traffic origin, not your home of business location. They also only see the encrypted information so they would need a way to decipher any information they obtained.
Encryption works by:
- Starting with plain data
- Applying a key (secret code) to transform the data
- Ending with encrypted data
The encrypted data is only readable by someone with the original key used to encrypt the data.
Your VPN can be secure, but the connection protocol the encryption mechanism used to handle your information determines that strength.
What Are Some Common Protocols?
According to The Beginner’s Guide to Understanding VPNs protocols define how the service handles data transmission over a VPN.
Here is a brief overview of the most common protocols:
- PPTP (Point-To-Point Tunneling Protocol). This is one of the oldest protocols in use, originally designed by Microsoft. This system works mostly on old computers, is a part of the Windows operating system, and it’s easy to set up. However, by today’s standards, it is not very secure. This protocol should be avoided if possible.
- L2TP/IPsec (Layer 2 Tunneling Protocol). This is a combination of PPTP and Cisco’s L2F protocol. The concept of this protocol is sound, but the execution isn’t very safe. The addition of the IPsec protocol improves security a bit, but there are reports of NSA’s alleged ability to break this protocol and see what’s being transmitted. Since there is debate about this type, it is best to avoid this as well.
- SSTP (Secure Socket Tunneling Protocol). Built by Microsoft, the connection is established with some SSL/TLS encryption. Their strength is built on symmetric-key cryptography; a setup in which only the two parties involved in the transfer can decode the data within. Overall, SSTP is a very secure solution.
- IKEv2 (Internet Key Exchange, Version 2). This is an iteration of Microsoft’s previous protocols, and a much more secure one at that. It provides you with some of the best security.
- This takes what’s best in the above protocols and does away with most of the flaws. It’s based on SSL/TLS and it’s an open source project, which means that it’s constantly being improved by hundreds of developers. It secures the connection by using keys that are known only by the two participating parties on either end of the transmission. Overall, it’s the most versatile and secure protocol out there.
Most VPNs allow you to select the protocol you use. The more secure protocol you connect through (OpenVPN, IKEv2), the more secure your entire session will be.
As with any internet service or security feature, there are laws that pertain to the types of programs and services you can use depending on the country where you live or do business with. When choosing a VPN service, it is always a good idea to do your homework and decide what is best for you and your customers. The protocols are safe to use in the US, Canada, the UK, the rest of Western Europe.