DefenseArk #ThreatIntelThursday | VPNs — Rewards and Risks — Part 1

This article is the first in a 2-part series about VPNs — Rewards v. Risks. This week, we will discuss how VPNs work and why they’re helpful to organizations. Next week, we’ll delve into the risks associated with VPNs and how those risks can be mitigated.

Virtual Private Networks (VPNs): Reward Versus Risk

We’ve heard a lot about VPNs recently. It seems like every YouTuber and Podcaster is being sponsored by some kind of VPN provider. But what is a VPN? And how can it be used to protect you while you’re using the internet?

Some Background

VPN stands for Virtual Private Network. A VPN works by extending a private network connection across a public network, enabling a user to utilize the internet (sending and sharing information) across public networks, while their own information remains private as though they were using a private network connection.

VPNs provide an amazing amount of convenience by allowing remote users to access network resources remotely — remote users connect to the organization’s network where network resources (virtually) appear to be local to remote users.

VPN Capabilities

VPNs offer a major convenience for remote workers, by allowing users to work and operate the same way they would if they were working in the office. Network resources like servers, folders, files and printers all appear as those resources would appear to local office users. To do this, VPNs must provide three key services:

1. Tunneling: allows remote users to access local network resources through the internet where all local resources appear to be local. The network may be 12, 14 or even 20 hops away from the remote user through the Internet, but all resources appear to be directly connected. In other words, VPNs create a tunnel.
2. Authentication: verifies that remote users identify themselves and those identities are verified (or authenticated) to ensure that only those authorized are able to access organizational resources.
3. Confidentiality (through encryption): makes information readable only to intended (authorized) recipients. As individuals perform tasks and access resources that are sensitive, and sessions are traveling over the internet, then those connections must provide for confidentiality (through encryption).

This article is part of #ThreatIntelThursday @OpenAVN, an ongoing series that offers readers authoritative, but easily digestible, information about different malware, how they might be vulnerable to attacks, and what they can do to protect themselves. To read past Threat Intel Thursdays articles, click here. (We suggest starting from Week 1: Malware.)

A crucial step in digital risk mitigation is a solid and reliable endpoint protection platform. BrightScan is a cloud-based, blockchain-powered endpoint protection platform that can be customized to fit your needs and is user-friendly enough for the home office and powerful enough to protect large enterprises.

Contact our Head of Sales, Jourdan Parkinson, to schedule a free demo of our cloud-based EPP, BrightScan, or just to chat about how our products can work for you.

For more of the latest in cybersecurity, subscribe to DefenseArk’s blog right here on Medium. In addition to Threat-Intel Thursdays, we also write about breaking news, thought leadership, and deep-dives into cyber intel.

About the Author: Ted Udelson, PMP, CISSP, Security+, Network+, A+ is the chief learning officer and cofounder of Succinctive Training, LLC. Ted is also the author of “The Complete, Compact CISSP Study Program: How to Pass the Damn Exam!” Ted brings his over 35 years of experience in information security and technology to inform his writing for #threatintelthursday.