A VPN, or virtual private network, is a secure connection between people and devices over the Internet. A VPN makes going online safer and more private by stopping people from seeing who you are, where you are, or what you’re looking at.
Available for Windows and Mac. Coming soon for iOS, Android, and Chromebook devices.
VPN stands for virtual private network. A VPN is a private connection between people and devices over the Internet. Where a “real” private network connects devices in one location for the purposes of sharing data, a “virtual” private network uses encryption technology to recreate the security of a private network and connect devices that are not in the same location.
VPNs are typically used by remote employees to access files and programs on the business network (aka intranet) as if they were actually in the office. Likewise, big corporations spread across multiple locations use VPNs to connect satellite offices to the main office.
VPNs aren’t just for work though. Outside the office you can use VPNs to safeguard your privacy a few different ways:
You might need a VPN if you want to do things like:
Most consumer-level VPNs are actually VPN services, meaning the VPN provider is responsible for the servers, the encryption, and the user authentication. The customer simply pays a subscription fee to use the VPN service.
Because VPNs can be used to circumvent state-sponsored Internet censorship, the legality of VPN use varies. In some countries like Russia, for example, unrestricted VPNs are outright illegal. Whereas in China, VPNs are blocked but not necessarily illegal.
While using a VPN might make you an accidental criminal, legitimate cybercriminals like using VPNs too. Case in point: VPNs can hide the IP address being used to control a botnet during a DDoS attack. More commonly, VPNs are used to download copyrighted or illegal content without catching the attention of Internet service providers (ISPs) or law enforcement.
To be clear, VPNs encrypt your data and hide your location and identity, but they don’t protect you from viruses, ransomware, and other forms of malware, including spyware and keyloggers. Accordingly, if you’re using a VPN, you still need a cybersecurity program.
Now that we have a basic understanding of what VPNs are and how people use them, let’s take a closer look at how VPNs work, how you can set up your own VPN, and things to avoid when setting up a VPN.
“Simply put, a VPN makes going online safer and more private by creating a digital middleman between your device and the Internet. Through the use of a VPN, people can’t figure out who you are, where you are, or what you’re looking at.”
Simply put, a VPN makes going online safer and more private by creating a digital middleman between your device and the Internet. Through the use of a VPN, people can’t figure out who you are, where you are, or what you’re looking at. At a time when the concept of online privacy is challenged every day by companies and organizations hungry for our data, one can see how a VPN might come in handy.
So think of a VPN as a tunnel that starts at one point, burrows through the Internet, and emerges at another point. This tunnel can be used by people on opposite ends to securely send data to each other. Some VPN tunnels can connect several parties simultaneously.
Before users can access the tunnel, the VPN first confirms both parties are who they say they are via username and password. Assuming all parties pass the ID check, they’re allowed to use the VPN.
Finally, VPNs encrypt any data that passes through the tunnel. This is how VPNs keep nosey parties from snooping on your Internet activity and the main reason legitimate users (read: not cybercriminals) use VPNs. Without delving too deeply into the modes and methods of VPN data handling, here’s what you need to know: Data is encrypted as it enters the tunnel and it’s decrypted as it leaves the tunnel using encryption keys. The various methods by which data is packaged and encrypted is known as tunneling protocol.
There are two types of encryption keys: symmetric and public. With symmetric keys, everyone has the same key. This is akin to everyone having the same password to the secret clubhouse. If someone who isn’t a member of the clubhouse learns the password, then everyone’s security is compromised. And this is why we have public keys.
With public keys everyone gets to have one, same as before, and everyone can send an encrypted message. However, each public key has a paired, private key on the receiving end. The private key is never shared. Only your computer knows it and uses it to decipher incoming messages. With this system, it doesn’t matter if your public key is compromised since the underlying private key is still secure.
There are two basic VPN types: remote access and site-to-site.
Remote access VPN. As you might’ve guessed, a remote access VPN allows someone outside a given network (they’re on a business trip or working from home) to connect and access resources securely on that network.
Site-to-site VPN. Conversely, a site-to-site VPN is typically used by companies and organizations with multiple offices spread across locations around the country or around the world to connect and share data securely.
At the consumer level, there are two additional types of VPN: router VPNs and VPN services.
Router VPNs. Writing for Malwarebytes Labs, Senior Security Researcher Jean Taggart recommends the router VPN as the “one VPN to rule them all.” As an at home solution, the convenience of a router VPN can’t be beat. Any device connected to your home network is automatically protected by the router VPN—even devices that don’t support VPNs natively (e.g. Xbox and PlayStation). The only problem with router VPNs is that they’re difficult to setup. If you’re willing to give it a shot, you can read Jean’s step by step instructions for setting up a router VPN.
VPN services. When people talk about VPNs today, they’re usually referring to a VPN service. With a VPN service, you don’t have to own, setup, or maintain anything. Rather, the VPN service is responsible for the servers, the encryption, and the user authentication. Customers need only install the VPN service provider’s software on their device, by which they’re able to log in to the VPN service’s servers. VPNs services are available for Windows, Mac, Android, iOS, and Chromebook.
“When people talk about VPNs today, they’re usually referring to a VPN service. With a VPN service, you don’t have to own, setup, or maintain anything. Rather, the VPN service is responsible for the servers, the encryption, and the user authentication.”
Let’s hearken back to the early days of the Internet. In the early-to-mid-90s people working from home needed a way to quickly and securely access resources kept on the office network. This typically meant connecting your home computer to the office network via unsecured, low-speed dial-up connection. This is where Microsoft engineer Gurdeep Singh-Pall recorded his name on the annals of Internet history.
In 1996 Singh-Pall (who’s now a VP at Microsoft) created a basic form of VPN known as point-to-point tunneling protocol or PPTP, for short. PTPP uses weaker forms of security to keep the riffraff out. While you wouldn’t want to use PTPP today, it was the best way to work remote in its time, being much more secure and speedy than dial-up. It even won the PC Mag Technical Excellence Award in Networking Software.
In 1998 China started to build the Great Firewall to block content from outside the country. As mentioned earlier in this piece, Chinese citizens can and do get around this Internet censorship by using VPNs to connect with outside servers. While VPNs aren’t technically illegal, there is an established history of people being fined for using them.
For the first ten or so years of existence, VPNs were used almost exclusively by businesses and their employees. It wasn’t until the early 2000s that people started to realize the value of VPNs at the consumer level, primarily as a way to protect one’s privacy while using new P2P file sharing services like Kazaa.
“It wasn’t until the early 2000s that people started to realize the value of VPNs at the consumer level, primarily as a way to protect one’s privacy while using new P2P file sharing services like Kazaa.”
In 2013 we learned from Edward Snowden’s disclosures on global surveillance, that the National Security Agency (NSA) had found a way to routinely crack certain obsolete VPN technologies, including PTPP.
In 2016, the video streaming service Netflix started blocking VPNs on the basis of copyright protection. The argument being that users were accessing TV shows and movies not licensed for their region or content for which the rights were sold to some other provider in the region. As an example, the long-running British sci-fi series Doctor Who was removed from Netflix US in 2016, because the rights had been sold to competing streaming service Amazon Prime. However, by way of a VPN, Americans can still watch Doctor Who on Netflix UK.
Hulu and BBC iPlayer adopted similar stances against VPN usage, with the streaming services starting to block VPNs in 2014 and 2015, respectively.
Here are four quick tips to get you started with VPNs.
For additional tips on keeping your business safe, check out our “5 simple steps to securing your remote employees.” Also see our case study “Lattes, lunch, and VPNs: securing remote workers the right way.”
Select your language