What is a VPN -Virtual Private Network?
A Virtual Private Network is a tool used by businesses seeking ways to allow employees to work remotely.
There are other, faster, more secure remote work solutions available to you too.
This post includes diagrams and explanations to help you visualize a VPN. This post includes a table to help you compare Microsoft InTune vs Windows Virtual Desktop.
How does a Virtual Private Network work?
Virtual private networks are used to setup a direct connection between your computer and the office by way of a private tunnel over the internet.
Normally, when you send information over the internet, it is sent as a piece of data called a packet. Often, packets are in plain text and can be easily read by anyone or scanned by Big Data. Packets also carry your IP address.
With a virtual private network, your packet is encapsulated inside of another packet to protect what you are transmitting. In this way, your sensitive information is better protected than if sent via email or open internet.
And using a VPN is easy. Logging in to your VPN is like just logging into a computer with a username and password. Only those with the correct login credentials can access the VPN. Just like a standard computer user profile or account, we can setup a VPN to only be accessible with certain permissions and restrictions.
Types Of VPN’s
There are two types of VPN’s – a site to site VPN and a client to site VPN.
A site to site VPN is used to connect two networks together, for example, connecting a head office network to a satellite office network. Instead of using the open internet to get a file from another site, you would use your Virtual Private Network tunnel.
A client to site VPN is used to connect a single computer to a network. For example, you may have hired a lawyer to review internal company documents, and you had a client to site VPN set up so the lawyer can securely access your company documents as needed to conduct the review.
Do I Need A VPN?
VPN’s are not safe and do not protect your business when:
- Using a personal type of VPN (eg. Nord VPN) and accessing your work-based cloud accounts, remote desktops, or internal LAN resources.
- Using a personal device to connect to a work VPN tunnel that connects to company data/network/cloud accounts etc.
- Using a company owned device for both work and personal use, with no endpoint security in place (even just checking personal email or Facebook and logging back out can result in a downloaded threat).
Again, endpoint security is key. A personal device, used at home to download pirated music or view high risk sites, with free antivirus and no content filtering in place has a much higher risk of having malware or an infection on it that can spread to your company devices and cripple your business.
Never allow personal devices access to company data unless you control the device.
As small business IT consultants, there are other remote work solutions we recommend over a VPN.
Windows Virtual Desktop, for example, utilizes HTTPS for all traffic. It is encrypted and secured with TLS1.2. It doesn’t need, and would be negatively affected (both from a security and performance standpoint) by a VPN.
Another example is Microsoft Endpoint Manager. It allows you to enroll company owned devices that can be weighed against policies that you define as required for your business (encryption, specific password complexities, approved software, etc).
If you are in a sensitive industry like legal, healthcare or finance and trading, you may want to consider setting up a secure remote option for your team.
And finally, the Canadian government would prefer to house sensitive data pertaining to Canadian government programs and citizens on Canadian servers and soil. Microsoft has built Canadian data centres for this purpose.
You can utilize those same data centres for your data residency requirements for both Windows Virtual Desktop and Microsoft Endpoint Manager.
Network Setup Services in Toronto & Durham Region: If you have network security concerns, we invite you to contact us for a free consultation. We are TUCU, a Managed IT Support Company in Toronto. Let us help you choose the right network security and remote work solutions for you. Schedule your free consultation to discuss your needs.