May 23 2016

VPN: Protecting the Business Traveler

Business travelers and anyone who frequent public WiFi hot spots are especially vulnerable to cyber attacks.  You never know who is also on the free WiFi, and what they might be doing. Eavesdropping for user data at these places is easy and can yield a treasure trove of information to a hacker. Businesses have been using Virtual Private Networks (VPN) for years; enabling employees to safely connect to the business network from a remote location. Company laptops are routinely supplied with VPN software. However this blog is about laptops, tablets and cell phones or other WiFi enabled devices that a company may not cover.

A quick definition: VPN is software which creates a secure encrypted tunnel through a public network to access a private network. A business supplied VPN will connect directly back to the business network. Third party VPN software connects to the VPN service’s network, and then on to the final destination. It uses different security protocols for connection and encryption. A more detailed explanation of the various protocols can be found here:

The explosion of free WiFi hotspots at airports, restaurants, hotels and even retail stores gives users the ability to work from almost anywhere. In addition, employees are connecting to business networks with their smartphones and tablets. Free or public WiFi allows a hacker to interpose himself between the user and their destination, capturing data as they browse the internet or connect to a specific network. If the user allows file sharing across a network hackers can distribute malware to their device.  VPN software adds a layer of security to help defeat these cyber criminals.

A VPN creates a virtual point to point connection via encrypted channels from the VPN client to the VPN servers. If a hacker is eavesdropping between the user and the VPN the data they steal is encrypted. However, the user’s IP address is known, and metadata analysis can still reveal information. The core data is still encrypted. If the attacker is eavesdropping between the VPN and the user’s destinations then the VPN masks the user’s private IP address, using the service’s address instead; this hides the user’s physical location as well. It is important to know VPN does not prevent a user from downloading malware from a suspicious site or opening suspicious email.

VPN’s help users foster good cyber hygiene behavior. They are only a part of a needed multi layered approach, but essential for the business traveler and public WiFi user. Additional security measures are:

  • Use SSL connections
  • Turn off sharing
  • Keep WiFi off until needed
  • Install and keep updated an internet security software package

Sometimes using public WiFi in inevitable. Here are some steps to take to keep secure:

  • Do not access a bank app, ePHI or other sensitive data
  • Wait for access to a secure network to do those things
  • Make a phone call instead

If you’re interested in learning more about VPNs and cyber hygiene, feel free to contact us.