media

Why a VPN is a Requirement

By Tyler J. Wise|November 14th, 2020|Blog|

I have probably been asked more than ever of late, why I bother with a VPN (Virtual Private Network) connection? Arguably, it is slightly overkill, as I rarely connect to a network that is not one I control. However, equally as rarely am I not dealing in sensitive information, and ensuring all risk is mitigated is just good practice in my line of work. By ensuring that all internet connections, across all devices are connected to a VPN, it means I am never unnecessarily exposed. If there is ever a requirement to connect to an open network I can do so with more confidence than I might otherwise have. However, I discourage you from EVER connecting to an open network. Simply put, it is not a difficult process to snoop the traffic, and it is also not hard to deploy a VPN. Having your traffic snooped is ‘ok’ if you are just browsing, but as soon as you visit a sensitive location, this is a risk you do not need to take.

There are many VPN providers out there (I am not going to review the plethora of them), and I encourage you to find one that suits your profile and budget – they are affordable and can be easily deployed across your entire business without significant cost. When you are evaluating VPN providers, do read their privacy policy, and ensure under no circumstance they are maintaining logs. If they do keep logs then you lose your security / anonymity that the VPN serves to provide. Do take time to find a VPN provider that is reputable and has a proven track record. Avoid free VPN providers, as they often do keep logs, even if they say they don’t. As the old saying goes, “if it’s free, then you are the product.”

Some people associate connecting to a VPN with a nefarious purpose, or at least something mischievous, however this is not the case at all. In a recent survey upwards of 25% of internet users utilize a VPN (most likely to avoid geo-restrictions), however, 25% of internet users are not breaking rules openly. [The same statistic cannot be said for the Dark Web]. A VPN protects your data from your ISP, and is a means reducing your advertising ‘attack vector’. If you are hiding your data from your ISP then they are unable to build a profile on you, and I am a firm believer that we are all entitled to an expectation of privacy and anonymity online.

As an accountant I believe that this is less of an expectation but more a right and requirement. Simply put, there is a higher burden of expectation placed on accountants (among other professionals) that we will take any and all necessary precautions to protect our database and client information. Especially in the age of notifiable data breaches.

If you are not using a VPN, I implore you to at least look into the process and protect your online activity that little further. Granted, you are likely protected with a reputable service provider, and the fact many sites are encrypted under the https protocol; however, an extra layer of protection never goes astray. Think of https as the lock to your front door and the VPN the deadbolt you also use! It adds no inconvenience to your browsing, should not impact your ability to access most sites (but not guaranteed), and the speed drop off these days should be immaterial.

Ideally your VPN provider should:

1.   Keep no logs

2.   Be based in a country that is not part of the 5 (or 14 eyes).

a.   If it is based in one of these countries do read their policies as this ‘location risk’ may be entirely mitigated by their privacy and log policy

3.   Provide a kill switch (if your VPN connection drops out, your internet connection is also terminated, until the VPN comes back online).

4.   Commence automatically upon log in / boot of your computers

The VPN I use satisfies all of these requirements, but also has an OpenVPN client details, allows me to deploy my VPN connection a router, which automatically protects all devices connected to my network (which in reality is the best means of protecting your entire office infrastructure).
I do encourage you to explore the permanent use of a VPN within your business network if you are not already, and take that extra step to protecting your data, and your clients. You will not regret it!

 

<< Back to Media