PL
DE
UK
To some, a VPN may be associated with TOR because of the desire for anonymity. VPN serves any business or Internet user who cares about the security of data transmission. This type of network is perfect for businesses and prevents data leaks. Where do we make mistakes and what can we do to better secure company data?
A VPN is a type of tunnel through which data is transmitted between a device and an Internet server in a secure manner. Security means:
- Privacy protection: block spying and data theft,
- protection against phishing attacks, DDoS, data leakage, among others,
- change of virtual location, i.e., when using a VPN connection, the IP address and location of the VPN server, not ours, is visible to website owners. Moreover, most VPN services allow you to choose your virtual location among dozens of options and quickly switch between them,
- VPN connection is able to bypass local restrictions, e.g., it is possible to use Facebook and Wikipedia in China, where officially these sites are blocked.
VPN in companies
VPN enables secure data transmission over the Internet and use of shared resources, e.g., database, shared files, printers. It is a flexible network that does not require physically pulling cables to all locations. A VPN can also exist inside a company to separate some departments or systems from others. Any employee can use a VPN to organize a corporate network, regardless of the size or type of company. A virtual network is often used to connect internal servers ( LANs) within an organization or computing clusters. VPN successfully allows you to work remotely on corporate devices without risking security compromise or data loss. The technology works well in cloud computing environments.
VPN and cyber security
The VPN protects the company from any type of attack inside the local network and in high-risk locations (e.g. airport, cafe, shopping mall). Data is encrypted in several ways:
- cryptography symmetric-single-key algorithm
- hashing – encryption of data using hash functions (simple to verify signatures for any large data set)
- Cryptography asymmetric – the use of two or more keys with which to perform different cryptographic operations.
Why is the company leaking data?
Situations where a company’s data is vulnerable to leaks, phishing attacks, viruses, very often involve the so-called human factor. Companies may not have up-to-date software and insufficient data protection:
- employees send company files to private email addresses. This is not wrong, of course, but it’s worth remembering to send these files over a VPN instead of compromising their confidentiality.
- there is no enterprise-wide data protection policy in place, or owners outsource data encryption to employees. Managers do not always have the time and resources to implement full protection. Instead, it is best to implement automated data protection tools in the company.
- Companies sign agreements with partners that include confidential data. Sometimes materials received from outside are not properly secured by partners.
Examples of companies with leaked data
One of the most notorious cases is the company morele.net, where the data2 of 200,000 million contractors was leaked, including sensitive data such as name, surname, date of birth, PESEL, home address and even information on earnings. The owners of the company were fined more than 2.8 million zlotys. At the beginning of 2019, there was also an attack on the Catholic online bookstore XLM.pl, from where 37,000 users’ data were stolen. Another 2019 leak involved publicly available data on Vietnamwiza.com, where more than 3,000 users applied for a visa to Vietnam.
VPN at ITH
At ITH, cyber security of customer data is a priority. We offer a VPN network. We perform auditing and monitoring, have a cloud firewall and offer high-speed hosting. We encourage you to use the services of our specialists.