VPNs – What, How & Why?

June 24, 2021

Did you know our Managed Firewall Service includes VPN capabilities to allow your staff to securely work remotely?

More Info

What is a VPN?

A VPN (Virtual private network) is an online service used for securing and privatising your internet browsing activities by connecting device(s) to an encrypted, private network. When using a VPN, anything performed online will first be sent to the VPNs server, where identifiable details such as your IP address and location will be modified, and your connection will be encrypted. Ultimately, anyone who tries accessing this data will not be able to identify you or any of your personal data.


Typically, VPNs are used by those who want to increase their online privacy by restricting the amount of data that would usually be accessible by your ISPs (Internet Service Provider) and by anyone trying to gain access on public Wi-Fi.

How VPNs work


A VPN creates a point-to-point tunnelling connection only accessible by authorised users. Your device therefore connects to another network, encrypting your data and hiding your real IP address. The way a VPN does this is by masking your computers dynamic IP address with a dedicated or static IP address located anywhere around the world.


What is an IP address?


An Internet Protocol address is a string of numbers such as (192.143.1.55), which are assigned to your devices that can connect the internet. They are used to identify the location of such devices. Think of your home address, if somebody needed to send you a letter, they would use your home address – in return, if you wanted to reply, you would use their address to communicate back.

There are different types of IP addresses such as:


  • Dynamic IP – Assigned by DHCP (Dynamic Host Configuration Protocol) and will consistently change over time
  • Static IP – The opposite of dynamic, these IP addresses do not change
  • Public IP – Assigned to a router or network and used for external communications. Can be used to identify you
  • Private IP – Assigned independently to all devices on your network to identify devices connected. These IP addresses are not unique and cannot be used to identify you
  • Shared IP– Refers to websites who share an IP address with other domains
  • Dedicated IP – Refers to websites with their own dedicated IP


Different types of VPNs


Site-to-site VPNs –

A connection between two or more networks, such as an organisation with many offices/branches in different locations. This VPN will allow all offices secure access to the organisations network remotely so that they can continue to share resources and communicate safely.


Remote access VPNs –

Users away from their organisation, such as those working remotely will authenticate themselves to a remote VPN gateway for their organisations network server. Once authenticated, access will be given, and the user will have access to the organisation while on a secure, private connection.


Hardware VPNs –

Although more expensive and seen in larger organisations, Hardware VPNs can provide many benefits to an organisation such as load balancing. This standalone device includes a dedicated processor while managing to everything a typical VPN would but with increased levels of security.


DMVPNs –

A Dynamic multipoint VPN allows data exchange between sites without needing to pass through the organisations VPN server or router. By creating a mesh VPN service that runs on the VPNs routers and firewall concentrators, each remote site will have a router configured to connect to the main office branch, providing access to needed resources.


Mobile VPNs –

A mobile VPN will typically be placed on the edge on a company network allowing secure tunnelled access. Mobile VPNs provide continuous service and can allow users to switch across multiple networks, whether they are public or private.


VPN Appliance –

A router that provides protection, authorisation, authentication, and secure encryption for VPNs.


Why use a VPN?


Privacy - It is relatively easy to use an IP address to spy on somebody. But, by using a VPN your IP address is hidden and anything you do online will appear to come from the exit node (location) you selected for your VPNs tunnel. Anyone interested in viewing your history, identity and/or location will not be able to access this data as it will have been encrypted by your VPN.


An advantage of this is that if some websites or services may blacklist certain IP addresses in country A but not country B - you can use a VPN to mask your public IP address into an IP address that relates to country B to be able to access these websites. People use this method to access geo-restricted content on streaming services such as Netflix.

Another benefit with VPNs masking your identity is that it makes it extremely difficult for advertisers to identify you and advertise target specific ads.

 

Publicly accessible Wi-Fi – We have all been there, out and about, no access to the internet and an increasing urge to look at our emails, check our bank balance or post something online. What do you do? You look for any publicly available networks. Nothing wrong with that, right?


The truth is, anything you do on a public network is, well, public! Public Wi-Fi is described as the virtual playground for hackers as they can easily access your data. if you were to do anything such as logging into online banking or emailing customers with personal details, you can be certain that whoever has access to the network also now knows these details too – it is scary to think that something so simple can create so many vulnerabilities.


If you ever find yourself in a similar situation and must connect to public Wi-Fi, then we recommend:


  • Ensuring the public network is from a trusted source – hackers can and will create real-sounding public networks to entice people into connect to them
  • Only visit websites that are secure – sites with https:// are using the latest encryption protocols whereas sites using http:// are not
  • Make sure that your device is using an optimal firewall  – We are currently offering a Free Firewall audit to help identify any weaknesses in your current firewall and a Managed Firewall Service to help you make the necersarry steps.
  • Do not communicate sensitive data – You are responsible for ensuring sensitive data remains private – especially if the data belongs to your customers
  • Do not log into online banking – only use websites that are secure low-risk such as listening to music
  • Use a VPN – connect to an encrypted network and disguise your activity 

Why buy our Managed Firewall Service?

Improve your businesses Firewall by adding VPN capabilities:

Using a VPN service with your online devices or firewall can offer many benefits for your business - especially with remote staff. As Cyber Security Experts, JC Cyber Security have a long history of managing complex networks, infastructure, and applications in which our customers' firewalls are operating. We are proud to offer a Managed Firewall Service that can be easily tailored to your businesses needs and requirements. With the aim of providing peace of mind, we reduce risk and ensure ongoing compliance while monitoring your network 24/7, 365 days a year.


If you would like to know more about how your business can use VPNs and/or managed firewall services to secure your business, don't hesitate to speak with one of our cyber security experts today.

Follow Us

Be the first to know

You might also like

DAST in DevOps: Why It Matters

October 14, 2024
DevOps is a popular practice, especially among large organizations. However, while it comes with numerous benefits, it presents numerous risks as well. One notable challenge is the increased velocity of deployment, which often complicates how developers implement and ensure application security throughout the development and deployment process. DevOps is a popular practice, especially among large organizations. However, while it comes with numerous benefits, it presents numerous risks as well. One notable challenge is the increased velocity of deployment, which often complicates how developers implement and ensure application security throughout the development and deployment process. According to a recent survey, almost 80% of CIOs expressed concerns about the difficulty of discerning trusted elements from untrusted ones within DevOps environments. In particular, the pressure to deliver services at a faster pace sometimes prompts DevOps teams to take security shortcuts, resulting in potentially costly repercussions. These include data breaches, application downtime, and compliance violations.  So, how can you strike a balance between the demand for agile DevOps practices and the need to maintain robust security measures?

Why DAST Testing is Important

October 4, 2024
Testing applications for security flaws during production is a vital process of the development lifecycle, and this is where Dynamic Application Security Testing (DAST) comes in. DAST is a security testing approach in application security (AppSec), in which testers assess an application in real-time, while it’s actively running. This process can be conducted even without testers knowing the application’s internal interactions or system-level designs. Applications fuel the engine of the world’s economy, but enterprises can encounter substantial hurdles when striving to retain a competitive advantage in a rapidly changing digital landscape. Businesses must continuously pursue inventive solutions, even as they contend with sophisticated adversaries looking to exploit opportunities to disrupt operations, compromise vital information, and inflict harm. According to recent research, approximately 17% of cyberattacks aim to exploit vulnerable web applications. Yet, 98% of web applications are susceptible to attacks that can lead to malware infection or redirect users to malicious websites. All the while, 72% of these vulnerabilities result from coding errors. Testing applications for security flaws during production is a vital process of the development lifecycle, and this is where Dynamic Application Security Testing (DAST) comes in. DAST is a security testing approach in application security (AppSec), in which testers assess an application in real-time, while it’s actively running. This process can be conducted even without testers knowing the application’s internal interactions or system-level designs.  This is because DAST tools operate without access to the application’s source code. Instead, they emulate genuine attacks, akin to those carried out by real hackers, to identify security weaknesses. This “black box” testing method examines the application from an external perspective, scrutinises its runtime behaviour, and observes how it reacts to simulated attacks. These simulations help evaluate whether the application exhibits vulnerabilities and if it is potentially susceptible to malicious attacks.

The Evolution of Hacking

September 25, 2024
In this blog post we look back at the origin of the term “hacking”, as well as how activities that might be described as hacking have existed throughout history, even prior to the advent of computer systems – and what if anything these can teach us today. Hacking is attacking and breaking into computer systems illegally… isn’t it? The meaning of the term “hacking” has in fact changed substantially over time, morphing from describing essentially benign (or at worst mildly disruptive) activities into its modern attribution to largely criminal and illegal activities. What’s more, in its original usage, “hacking” doesn’t necessarily even need to involve computer systems at all.  In this blog post we look back at the origin of the term “hacking”, as well as how activities that might be described as hacking have existed throughout history, even prior to the advent of computer systems – and what if anything these can teach us today.
More Posts
Share by: