Importance and Usefulness of VPN
In this age of post-Snowden era, a typical user is somewhat aware that spying for personally identifiable information is a lucrative business for both cybercriminal organizations and state-actors connected with intelligence agencies. The once considered a corporate method of connecting a remote laptop to the office LAN, it is now ubiquitous to use when connecting through an untrusted public wifi.
The complication of establishing a VPN connection also has been simplified, from the old and clumsy VPN setup settings of Windows 2000, to a much more cohesive setup wizard starting with Windows Vista and newer. Many VPN vendors also develops their own dial-in software to connect, which greatly makes attempts to connect foolproof.
VPN also provides the built-in capability of masking ones true location, by using the origin of the exit node, the users can pretend they are from USA, even if they are located somewhere else in the world. This helps bypass the security restrictions set by online services like Netflix, with a US-based VPN service, external users can announce to the webservice that they are coming from USA even if they aren’t, enabling the service which is otherwise unavailable in their country of origin.
The cornerstone to VPN security is authentication, the act of identifying and verifying the authenticity of users before they gain access to critical data assets and resources. One would want to select from varying levels of authentication strength based on the value or sensitivity of the information that you’re protecting, balanced against other considerations like usability, deployment, and budget.
VPNs are private and the encrypted tunnel protects your data as it travels across the public network. But does not necessarily equal security. To be completely secure, there’s still one more thing that you need to beware of that is the authenticity of users. When a remote user accesses your corporate network, how do you know that he is who he says he is? Without enhanced security, you don’t know for sure anyway. In an attempt to identify users, many VPNs are protected merely by passwords. However, passwords alone cannot ensure secure remote access because they are a weak form of security. Passwords are easily guessed, stolen or otherwise compromised. And if a password is compromised, you have no idea who is at the other end of your VPN.
While Firewall implementation help to prevent data from leaving and entering an enterprise by unauthorized users, they do little to protect against threat within the Internet. Sensitive data such as usernames, passwords, account numbers, financial and personal medical information, server addresses, etc. are visible to hackers and to potential e-criminals over the Internet. This is where the benefits of VPN are seen. A VPN, at its core, is a fairly simple concept the ability to use the shared, public Internet in a secure manner as if it were a private network.
Of course, VPN itself may or may not be illegal depending on the location of the user. China itself wants everyone to use its great firewall to connect to the public web, which blocks websites that the Chinese authorities deemed distasteful for the state. China has started to ban the use of VPN, which is one of the easiest ways to bypass the great firewall.
Julia Sowells702 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.