Skip to main content

What is a VPN and do you need one to work from home?

By May 4, 2020Security
Virtual Private Network

Since businesses started shifting to remote work due to COVID-19, OXEN has seen a sizeable uptick in requests for purchasing and implementing VPNs for at-home workers. You’ve probably seen that a Virtual Private Network (VPN) connection is often recommended for securely working from home while accessing company resources.

So what’s a VPN for in this context, and do you need one? If you’re a business manager, do you need a VPN connection for every employee who’s now working from home? Read on for our tips.

What Is a Virtual Private Network?

VPN stands for “Virtual Private Network”. It creates a private network from a public internet connection. It establishes a secure, encrypted connection between point A (in this case, your home network or internet connection) and point B (your company’s network). Traffic and data transferred between the two are now encrypted and no one can easily “eavesdrop”.

People often think of a VPN as a way of masking your identity and location online. It’s recommended for anonymity if you don’t want someone tracking your online activities. For example, a VPN can mask your browsing history from your internet provider or services targeting you for ads based on your activities.

However, for business use a VPN is necessary for a more secure connection that protects sensitive data transfer. You need this if you are accessing resources at your company’s location – for example, if you want to:

  • Access files on your company’s file server.
  • Remote into a server to use an application hosted there.
  • Remote into your own PC in the office to use it like you usually would.

Do You Need a VPN Connection?

Does every single remote worker need a VPN to connect to your office network from their home? Possibly not. You should absolutely consider a secured connection for any work involving transferal of sensitive or confidential information. But don’t jump straight to a VPN setup if your work can be done entirely on a single machine – that is, you have all your applications installed or accessible via the cloud. A VPN is necessary if you need remote access to a special program or data that isn’t locally hosted on your machine or isn’t a cloud service.

What security best practices should you ensure before implementing a VPN?

Your first step before implementing a VPN is to make sure that your (or your employee’s) home office network and environment are locked down.

  • The home Wi-Fi network should be encrypted, and the router, modem, and other network devices should be secured with strong passwords and encryption as well.
  • Work PCs, laptops, tablets, and phones should be password protected and only used for work, not for personal use. Do not use work devices for personal internet surfing just because the laptop or PC is in the house.
  • If employees are taking their work computers home, Windows Firewall should be turned on and locked down. The hard drives should also be encrypted in case the PC is stolen from the home.

If you are ready to set up a VPN connection, keep in mind these tips as well:

  • Employees’ personal computers should not be used to VPN into the office network. Personal devices typically don’t have the same level of security protection as business-grade devices, and they could already be infected or compromised. A virus can spread from a personal home computer through a connection to the office network.
    (Note: If your employees must use personal computers, improve their security by licensing and installing anti-virus and anti-malware solutions that are recommended for business use.)
  • Remember the principle of “least privileged access”. VPNs should be specifically configured to only allow the required resources needed for the employee. For example, if they only need to remote into their work PC, then configure one port open to one IP address. The employee doesn’t need to have access to the whole network through the VPN.
  • Use two-factor authentication to deter hackers who want to get in. A VPN is a way into your network that bypasses the firewall. Make sure that this entry point is as secure as can be!

How do you acquire a VPN connection?

If you’re an employee, you should ask your IT support team if they already have VPN capability and can set you up. If not, acquiring and setting up a VPN can be done through your IT support provider. You’ll purchase a subscription or license that allows a certain number of connections or users. Then you’ll download and set up the software or app for the service onto your devices. Once configured, a VPN service is mostly set-it-and-forget-it.

There are many factors to consider when choosing a VPN provider. At OXEN, we recommend setting up VPN connections through a SonicWall Next Generation Firewall. If you already have a SonicWall firewall, you can simply acquire the appropriate licensing for the number of VPN clients you need.

Not sure about a SonicWall Firewall? Reach out to us and one of our experts can discuss the right option for you! There are many third-party apps available, as well as other ways of connecting to remote services that may work for you.


Recent Posts / View All Posts

social engineering tactics

How Hackers Use Social Engineering Tactics in Phishing Scams

| Business Productivity, Security | No Comments
Social engineering is quite a buzzword these days in the world of cybersecurity. But what is it, and why are businesses so afraid of it? It is a form of hacking that uses deception and manipulation to get victims to divulge information. Companies have reason to be fearful because social engineering tactics have led to a lot of destruction and millions of dollars in losses for businesses worldwide. Phishing is one of the most rampant types of attacks these days. It has been highly successful because it uses tried-and-tested social engineering techniques to hoodwink potential victims. What are these Social…
spot social engineering

Training Employees to Spot Social Engineering

| Security, Tech Tip | No Comments
Social engineering is one of the newest methods hackers use to access sensitive information. Rather than attacking a system directly, this technique relies on human psychology to gain information. This method is brilliant when you think about it because it does not have to deal with going past ironclad network security. If hackers can manipulate even a single employee, they might hand over sensitive information on a silver platter, and the hackers can take control of the organization’s entire system. This is why its important for your employees to learn how to spot social engineering. Companies must understand that if…
Phishing Scam Tactics

Top 8 Phishing Scam Tactics and How to Identify Them

| Business Productivity, Security, Tech Tip | No Comments
Phishing has been a common hacking method for over two decades now. You would think that everyone would already know how it works and how to avoid becoming a victim, right? Sadly, that is not the case for these Phishing Scam Tactics. There are more victims now than ever. In 2022, there were more than 300,000 victims in the US alone, with damages amounting to over $52 million! The thing is that phishing scams have evolved over the years. Hackers are now more adept at hoodwinking unsuspecting victims, and they also have easy access to modern technology that helps elevate…