As the COVID-19 pandemic has many organizations switching employees to remote work, a virtual private network is essential for countering the increased security risks.
If you’re newly working from home because of the COVID-19 outbreak, you probably have to learn some new tools and tricks very quickly now. Here we look at virtual private network (VPN) technology. Later this week, we’ll dive into other security tools such as Two-Factor Authentication (2FA, or Multi-Factor Authentication – MFA).
For now, however, we’ll start with the basics of how to set up and use a VPN to secure your connection to your office. We’re not talking about building your own from scratch, just how to get up and running quickly.
First, what is a VPN?
A VPN is an encrypted tunnel for your internet traffic that goes through the open internet, often from your home office or coffee shop to your work network at the office. You can connect across a VPN no matter what network you’re on and “appear” to be sitting at your desk at work using all the resources you could if you actually were there.
For our purposes, we’ll only consider VPNs that facilitate working from home. You’ll see a lot of online vendors offering standalone VPN services, but these are typically aimed at users who just want a secure connection to the internet that’s less susceptible to tracking, or to bypass network filters, but not necessarily for those seeking to work from home.
It’s called a virtual private network because it creates your own personal tunnel no one else can access. If all your team members are working remotely from their home offices, this is how you can work as a virtual team without all being at the main office, or gathered together in some other location. Due to COVID-19, this is a newly found desire – even a requirement – for many right now.
Do I need to set up a VPN?
To make such VPN connections, you need to initially set up both ends of that connection – the one on your laptop or home desktop, and the one in the main office. Sometimes, if you have an IT department, they’ll tell you what app to download to your personal device(s) and then give you some VPN credentials for your specific situation – problem solved. Once you install that app and configure it, you can click a button and the link will establish itself and let you know you’re connected.
If you don’t have an IT department, you might have to set up your own VPN connections. Don’t worry, it’s not as daunting as you might think.
Many business-class routers (some under US$100), and some small office/home office (SOHO) ones, have built-in VPN capability, so cost shouldn’t be an issue. In fact, you may already have such a device, so you’ll only need to configure it!
Let’s now look at two common VPN technologies: OpenVPN and IPsec.
This tried-and-true option, which has been around for a long time, is reasonably secure. Also, being open-source software, it is probably supported by your business-class router (and many SOHO units). It used to be tricky to install, but manufacturers have been working on making it simpler.
On contemporary devices, you usually just have to click a few buttons in the configuration screens of the router for the network to be accessed (your office network). You then download the configuration file generated by your router and use that to configure the OpenVPN client software on any remote laptop, desktop or smartphone that needs to access the network behind that router. You should be able to find an easily followed online tutorial for your router.
After you’ve set up your office network router, you have to install apps on the remote devices that will access your new office VPN. Download these from the OpenVPN website, then install and configure them with the files generated while setting up OpenVPN on your office router. That can be tricky if you don’t have an IT person helping, but there are nice online tutorials for this, too. Altogether, you could set up your router and laptop in half an hour to an hour, so it’s certainly doable.
IPsec (Internet Protocol Security) also has a long history and reasonable security. It’s one of the other VPN technologies a lower-cost router is likely to support. The process is similar to OpenVPN, except that many laptops, desktops and smartphones have IPsec support built-in, so you may not need to install another app on your remote devices.
Some of the router IPsec implementations I’ve seen lately seem to be more complicated than those I’ve seen for OpenVPN. However, this may be offset by being able to use native tools on your remote endpoints to just type in a of couple things such as an IP address and credentials and it “just works”. Again, you could probably set this up in under an hour.
There are certainly other VPN technologies out there, but if you want to get started very quickly, these methods have lots of tutorials, experts and experience behind them, so you have a reasonable chance of getting them up and running without having a raft of IT experts on call.
It’s also worth noting that your remote users will likely need a beefier-than-normal broadband connection to sustain high throughput when running their traffic through a VPN, since there’s more horsepower required to do the work of keeping the connection encrypted and tunneled, so you may notice some significant slowdowns, especially on slower connections. This is offset, of course, by the ability to work more safely from home in these turbulent times.
Next we’ll look at how to set up Multi-Factor Authentication, sometimes called Two-Factor Authentication (MFA, 2FA), which can also help you work more securely from home. Until then, stay safe – and healthy!