As the
COVID-19 pandemic has many organisations switching employees to remote work, a
virtual private network is essential for countering the increased security
risks.
By Cameron
Camp
If you’re newly working
from home because of the COVID-19 outbreak, you probably have to learn some new tools and
tricks very quickly now. Here we look at virtual
private network (VPN) technology. Later this week, we’ll dive into other security
tools such as Two-Factor Authentication (2FA, or Multi-Factor Authentication –
MFA).
For now, however, we’ll
start with the basics of how to set up and use a VPN to secure your connection
to your office. We’re not talking about building your own from scratch, just
how to get up and running quickly.
First, what is a VPN?
A VPN is an encrypted
tunnel for your internet traffic that goes through the open internet, often
from your home office or coffee shop to your work network at the office. You
can connect across a VPN no matter what network you’re on and “appear” to be
sitting at your desk at work using all the resources you could if you actually
were there.
For our purposes, we’ll
only consider VPNs that facilitate working from home. You’ll see a lot of
online vendors offering standalone VPN services, but these are typically aimed
at users who just want a secure connection to the internet that’s less
susceptible to tracking, or to bypass network filters, but not necessarily for
those seeking to work from home.
It’s called a virtual
private network because it creates your own personal tunnel no one else can
access. If all your team members are working remotely from their home offices,
this is how you can work as a virtual team without all being at the main
office, or gathered together in some other location. Due to COVID-19, this is a
newly found desire – even a requirement – for many right now.
Do I need to
set up a VPN?
To make such VPN
connections, you need to initially set up both ends of that connection – the
one on your laptop or home desktop, and the one in the main office. Sometimes,
if you have an IT department, they’ll tell you what app to download to your
personal device(s) and then give you some VPN credentials for your specific
situation – problem solved. Once you install that app and configure it, you can
click a button and the link will establish itself and let you know you’re
connected.
If you don’t have an IT
department, you might have to set up your own VPN connections. Don’t worry,
it’s not as daunting as you might think.
Many business-class routers
(some under US$100), and some small office/home office (SOHO) ones, have
built-in VPN capability, so cost shouldn’t be an issue. In fact, you may
already have such a device, so you’ll only need to configure it!
Let’s now look at two
common VPN technologies: OpenVPN and IPsec.
OpenVPN
This tried-and-true option,
which has been around for a long time, is reasonably secure. Also, being
open-source software, it is probably supported by your business-class router
(and many SOHO units). It used to be tricky to install, but manufacturers have
been working on making it simpler.
On contemporary devices,
you usually just have to click a few buttons in the configuration screens of the
router for the network to be accessed (your office network). You then download
the configuration file generated by your router and use that to configure the
OpenVPN client software on any remote laptop, desktop or smartphone that needs
to access the network behind that router. You should be able to find an easily
followed online tutorial for your router.
After you’ve set up your
office network router, you have to install apps on the remote devices that will
access your new office VPN. Download these from the OpenVPN website, then install and configure them with the files
generated while setting up OpenVPN on your office router. That can be tricky if
you don’t have an IT person helping, but there are nice online tutorials for
this, too.
Altogether, you could set
up your router and laptop in half an hour to an hour, so it’s certainly doable.
IPsec
IPsec (Internet Protocol
Security) also has a long history and reasonable security. It’s one of the
other VPN technologies a lower-cost router is likely to support. The process is
similar to OpenVPN, except that many laptops, desktops and smartphones have IPsec
support built-in, so you may not need to install another app on your remote
devices.
Some of the router IPsec
implementations I’ve seen lately seem to be more complicated than those I’ve
seen for OpenVPN. However, this may be offset by being able to use native tools
on your remote endpoints to just type in a of couple things such as an IP
address and credentials and it “just works”. Again, you could probably set this
up in under an hour.
Closing thoughts
There are certainly other
VPN technologies out there, but if you want to get started very quickly, these
methods have lots of tutorials, experts and experience behind them, so you have
a reasonable chance of getting them up and running without having a raft of IT
experts on call.
It’s also worth noting that
your remote users will likely need a beefier-than-normal broadband connection
to sustain high throughput when running their traffic through a VPN, since
there’s more horsepower required to do the work of keeping the connection
encrypted and tunneled, so you may notice some significant slowdowns,
especially on slower connections. This is offset, of course, by the ability to
work more safely from home in these turbulent times.
Next we’ll look at how to
set up Multi-Factor Authentication, sometimes called Two-Factor Authentication
(MFA, 2FA), which can also help you work more securely from home. Until then,
stay safe – and healthy!