There is a lot of fear and uncertainty right now with the impact of the CONVID-19 virus and how it’s going to affect businesses. Daily, I see businesses encouraging their employees to work from home if they can. Retailers are even encouraging people to use online and delivery services rather than coming into the store if you’re not feeling well or have a lowered immune system.
So how can businesses ensure that their data is secure when their employees are teleworking? What if a staff member becomes quarantined for two weeks in a location with only public Wi-Fi?
With the increased use of Cloud-based software, many employees can log in and work from anywhere, but as we discussed in the previous blog “Understanding Encryption when using Free Wi-Fi”, that doesn’t guarantee the connection used isn’t a security leak for the company.
We talked before about how when you connect to Wi-Fi is an invisible stream of data that goes between your laptop and the Internet or Cloud. I mentally picture this stream as a garden hose transporting “data” from one point to another. Now in an ideal world, the garden hose is brand-new and transports every drop of “data” and nothing gets spilled out or siphon off. Unfortunately, in an unsecured Wi-Fi situation, we are not living in a perfect world. It’s more like an old garden hose with a few cracks, some holes and a bad connector. “Data” leaks out, and others nearby can possibly siphon off some along the way.
So how do you ensure your data is getting from point A to B with a leaky hose? This is when a service called a Virtual Private Network, or “VPN”, comes on the scene. A VPN creates a private channel across a public network and enables its user to send and receive data across a shared or public network as if the device were directly connected to the private network. Ok that sounds very techy; picture it as a solid pipe surrounding your old, leaky garden hose. the data flows without leaking out or allowing someone else to siphon from it.
A VPN is a subscription service that you get that creates a private channel or connection between your device / laptop to the “Cloud Service” / the Internet or your work computer. It will protect your data, so that the information passing along this connection is hidden from prying eyes sitting in the coffee shop, your neighbors, etc.
Here’s another way to think about how VPNs work, if you have ever played or used with Walkie-Talkies. When 2 walkie-talkies are on the same channel and within range of each other, you can push the button and have a seemingly ‘private’ conversation. However, if I am also within range with my walkie-talkie and happen to be on the same channel, I have the perfect eavesdropping opportunity. You wouldn’t even be aware that I was listening in. With a VPN creating a secure channel, it would be like a static noise on your walkie-talkie. I can tell someone is there, but I can’t hear or understand anything being ‘said’.
A client recently asked “But really, if I’m on the computer and someone tries to eavesdrop, what can they see? Just a bunch of random numbers and letters, right?” Well, if I joined onto your channel, I would be able to see every keystroke you type, that means passwords, the latest work gossip, the proposal you’re sending to a new client or the status of the current project. I could see every picture or file you download, which could mean blueprints, financial records, social security or tax forms, the latest cat video or your children’s sport schedule. I would be able to see all the emails that gets passed along the channel, rather you are sending it or receiving it. I could read the emails you’re receiving before you do, without you ever knowing I was ‘there’.
A VPN creates the secure channel across the Wi-Fi, so that all your data or traffic is enclosed within this private tunnel. Going back to our garden hose example, I might be able to see a pipe stretched across the room, but I couldn’t see any of the flow within.
Using a VPN, in combination with the company’s Firewall, you can create a secure channel from your laptop directly to an office network. This allows you access to shared drives, software and even print that report to a network printer, so it’s sitting there waiting when you return. In some cases, you can use a VPN to log-in directly to your office computer, and the firewall sees the connection as if you are physically working from that computer, giving full access to all the network. Now you can access even your hard drive files.
Some software still requires a local install to operate, so this option allows you to operate them without being physically there. Other software doesn’t operate well over just a VPN or Wi-Fi, because they pass a lot of data back and front. This chattiness uses up a lot of bandwidth and isn’t effective for most VPN or Wi-Fi connections. By logging into your desk computer via the VPN, you can bypass that issues; the ‘chat’ is handled by the desk computer, not your laptop.
Another bonus to this approach is that by using a VPN to log into your desk computer, it means all the protections that you have at the office are in place. This means firewall rules, incoming/outgoing virus scans, malicious website blocks and Corporate internal anti-virus protection are all at work, protecting your emails, laptop, and the company. Industries that have compliance restrictions this allows the remote worker to not violate these conditions as well. Using a VPN to connect to your company’s network and your desk computer is much more secure way to work and gives you the things you need to get the work done.
However, it does not give you a Golden Ticket to surf or do whatever you want on this connection. Basic internet rules still apply. If you click on a questionable email, you can still get infected. If you follow a phishing email and give them your personal information, you can still get hacked or your identity stolen. Your computer will still record and track any sites you access within its history. The VPN’s job is to create a secure tunnel between your computer and a trusted host; however, it will not necessarily protect you from malicious activities. It is a part of the toolbox you need to have in order to shield yourself from prying eyes. You need to use all the tools available all the time because the bad guys are using all the tools they can to steal whatever they can get.
Here at Techno Advantage, we offer a great small business VPN and firewall solution that can secure you connection back to the office. It breaks down into an affordable monthly subscription that offers peace of mind and trust.
Footnote to Parents – I recently learned that my teenage son and his HS friends have free VPN software installed on their cell phones in order to bypass the school’s security connections and allow them to access sites or apps that the school deems inappropriate during school hours. Just another example of how our children are too smart for their own good sometimes…