VPN’s have become commonplace over the past couple of years, with every content creator out there having at some point been sponsored by Nord VPN (other VPN providers are available). VPN's are mostly used so that we can watch content on streaming platforms that would otherwise be blocked in the UK. However, as well as allowing you to watch Pulp Fiction on Canadian Netflix, VPN’s have excellent security benefits that can help prevent data breaches and cyber attacks.
So, in this edition of Information Security Basics, we’re taking a look at exactly what a VPN is, how they work, and why they can be an essential part of our cyber security set up. For an introduction to what VPN’s are, the video below gives a good, brief overview.
VPN stands for Virtual Private Network, where an encrypted ‘tunnel’ is created for your data, which then allows you to hide your IP address (which can be used to locate you) and protect your online identity. This is why VPN’s can be used to watch online content that are normally geo-locked, because the VPN hides your true IP address and gives you one that makes the streaming service think that you are accessing their platform from a country of your choice. As good as VPN’s are for watching content you can’t normally get, they’re even better at protecting you online and keeping you secure- and they do so in various ways.
Most places you visit now will have their own public wifi for guests to use- hotels, cafes, restaurants, gyms, supermarkets, and public transport will all have wifi that you can use for free. Now, whilst this is great, it does come with security concerns and a risk to your data. Using a VPN however, can mitigate these risks by encrypting your data, and ensure that your data is invisible to hackers and their methods.
All of your activity online is tracked in one way or another- browsing history, purchases and other forms of online data are used by organisations to market to you, as well as fraudsters to hack your information. VPN’s hide your IP address, encrypt your data and ensure that you become invisible to those wanting your data when online. VPN’s can also be downloaded onto many devices, meaning that you can stay safe at home, on the go, as well as at work.
How they work
When you connect to a VPN, your internet traffic is redirected to a VPN server, where you will then be sent to your desired website, whereas normally when you visit a website, your internet provider will process the request, and then send you over to the URL link you want.
Nord VPN details the steps involved when using their VPN below:
- When you connect to a virtual private network service, it authenticates your client with a VPN server.
- The server then applies an encryption protocol to all the data you send and receive.
- The VPN service creates an encrypted “tunnel” over the internet. This secures the data traveling between you and your destination.
- To ensure each data packet stays secure, a VPN wraps it in an outer packet, which is then encrypted through encapsulation. This is the core element of the VPN tunnel, keeping the data safe during transfer.
- When the data arrives at the server, the outer packet is removed through a decryption process.
VPN tunnelling is a method also used to ensure you’re being kept secure when using your devices online. Tunnelling works by authenticating your device with the VPN network, where their server uses one of various methods of encryption to protect your online presence from those wishing to access that data. One way in which this is done is by ‘wrapping’ each ‘packet’ of data in their own protective coding to ensure that the data contained within the packet isn’t able to be accessed. Then, when the packet reaches the user, the protective wrapping is removed so that the original data within can be used.
Once the VPN tunnel is established, it sends out the necessary information to a VPN server (in an encrypted format). Then, the VPN server decrypts the information, and sends it to the relevant website server. In this process, the VPN server also hides your IP address, meaning that the website you want to reach thinks you have the IP address of the VPN server, as opposed to your actual one. This is what allows you to browse the web as you wish without sharing your IP address, and therefore your location.
So, VPN's can, and perhaps should, be used as a tool in your data security setup, not only because they allow you to watch American Netflix, but also because the technology involved allows you to stay considerably more secure online than you would be otherwise.