VPN: What Is Data Protection?

As a writer in the information security world, I’m always looking for ways to help those outside the cybersecurity community find better ways to keep themselves secure. As malware and ransomware attacks increase, finding ways to take back control over our security becomes more important.

What does VPN Stand For?

Sure, you’ve seen the term VPN thrown around. VPN stands for “virtual private network.” As more people look to protect information, they want to make sure no one can track them.

An IP address is the location from which you connect to the internet. It’s kind of like a home address, but it relates specifically to each device connected to your home internet. Each smartphone, tablet, computer, and even that Alexa/Google Home you love getting weather from has it’s own special IP address.

In April 2017, the FCC allowed your internet service providers (ISPs) to collect and anonymously aggregate the information in different regions based on a set of rules it laid out. Allegedly, the goal was to make sure that internet service providers protected your data the same way across the country.

Regardless, this decision means that information you think is totally private becomes part of a larger data set showing trends in search, purchase, and streaming video history.

Can my ISP find me?

Yes and no. Technically, they can. However, as part of the  rules the FCC established, they’re supposed to keep the data anonymous. They can put a whole bunch of IP addresses together, but they’re not allowed to link them to specific people.

Under the European Union General Data Protection Regulation, and probably a few new state laws being passed in the last year, IP addresses — if they link to a specific person — count as personal information in terms of protecting privacy.

However, most ISPs are just looking for big batches of information to sell for marketing purposes, and a single person’s information isn’t really going to do much. Marketers want trends so the value of the information lies in large bunches of data. For example, if it’s winter in New England, more data about snowblowers and winter coats is going to be linked to the searches than bathing suits. At least, generally speaking.

What is a VPN?

A VPN is a downloadable application available for MacOS, Windows, iOS, and Android. Basically, once you download the application to the device you want to be protected, the VPN lets you choose one of its servers as the location identifying the device. The IP address can say that you’re in a different city, state, or even country.

By choosing a server, it anonymizes your IP address so that hackers can’t track you and your internet service provider can’t collect your internet use for marketing purposes. This of it like putting a wig on your IP address. You’re still yourself, but you’ve put a wig on and look slightly different to people who don’t know you.

What to look for in a VPN

All of this technology stuff can be confusing. Moreover, the number of companies trying to sell products that protect cybersecurity are increasing rapidly with so many data breaches in the news. Figuring out what to look for means wading through a bunch of tech language that a lot of people don’t understand. So, here’s a brief overview of what your VPN needs to have.

Data Encryption

Basically, data encryption means that the VPN uses a computer program to scramble up all the information so no one else can read it. A VPN is going to use what cybersecurity professionals call “in-transit data encryption.” Once the information leaves a device, the VPN sends it to a server somewhere else, then that server scrambles up all the information when it goes to the website you’re looking at.

That sounds complex, huh? It is, and it isn’t. A lot of data security solutions provide this kind of information scrambling to help keep information from being intercepted as a device sends and receives information. It’s actually a really good thing if you’re worried about someone stealing information. Moreover, it’s specifically important if you’re using a public WiFi connection.

Malicious Site Alert

Just as important, you want something that tells you when you’re going to a dangerous website. Sure, you’re protecting your location, but hackers like to put code on websites that attach themselves to your browse (Google, Chrome, Firefox, Safari) and track what you do. Basically, think of them like little internet ticks. A tick bite you and leaches your blood. Then, even when you take it off, you can find out a few years later you have Lyme Disease. Not a one-to-one, but a close enough analogy.

A Lot of Server Options

As more people are buying data security tools and apps, the servers get overloaded. Essentially, when you request information – streaming, internet search, or a cloud drive like iCloud/Google/Dropbox, your computer is asking the server to do it a favor. It’s sending a request to act, the server is filtering that request, then sending it on. The more requests sent to a single server, the slower things get.

How can a VPN help protect against the risks of public WiFi?

Public WiFi connects are just that, public. Think about it this way, when you’re leaving your car in a parking lot, you’re locking the door so no one takes it. The same should be true of your information on a public WiFi connection.

Man-in-the-Middle

Remember when you were a kid and you played monkey-in-the-middle? Hackers do the same thing with information. Like the ball in your favorite childhood game, your information travels from one point to the other when you send it. A hacker can find a weakness in the public WiFi connection to catch the information in mid-air, as it were. Since public WiFis don’t hide your information, hackers can simply jump up and catch it, electronically speaking.

Rogue Hotspot

You’ve heard the term “phishing.” Phishing is when someone sends you, and email with a link they want you to follow. The link sends you to a fake website that collects your information. For example, you get an email telling you to update your password, click the link in the email, and change it. No company is going to do that. That email was a spam email attempting to steal your information. A rogue hotspot is the same as a phishing attack. You’re in public, see a WiFi connection, click on it. Since there’s no official way to check whether it’s really the public WiFi, a hacker can make a hotspot look like the real one and then use it to gather all your information.

Using the HotSpot Shield application, you can use the data scrambling of its encryption to make any information taken meaningless to someone. When you use encryption, you’re taking your information and scrambling it like you did with decoder ring messages when you were a kid.

What’s the Good about VPNs?

Basically, they’re an easy way to protect your information. You download the program. Create an account. Boom. You’ve protected your data.

If they give a dangerous site alert, they scan the site and then blocks anything that can infect your device.

Increasingly, mobile devices have become targets for hackers.  “Smishing” (when they text you a link like in traditional phishing) and instant messenger applications using a similar methodology (although these may look like they come from friends) now pose risks. That “click here for a discount code” may really be a hacker trying to take your information by putting malware onto your device.

A good VPN regularly updates its malware database to keep you protected from these kinds of information attacks.

Where bad VPNs make it worse

Anonymizing your location can cause login problems for applications that don’t want you to be somewhere your GPS says I’m not.

As far as the login problems, I’ve had issues with Pokemon Go, Amazon, and streaming services. Some people use VPNs to pretend they’re in a different location so that they can access services not available where they live. Basically, people try to use a VPN as a virtual airplane. If you want to watch a show that only airs in Germany, you might use a VPN to access it. If you live in New England, you might want to try to catch a Pokemon that can only be found in Japan.

This isn’t technically illegal, but it’s unethical. Most websites try to track your location so that you’re not accessing information inappropriately.

They can slow down internet streaming services.

Because your VPN sends information farther away and then back to where you want it to go, the information transfers take longer. It’s sort of like taking the scenic route on a drive. You know it’s going to take longer, but when you’ve got three kids in the car whining about needing a rest stop? It’s a little maddening.

The upside? If you choose a VPN with a lot of server choices, you can choose a different one and see if that works better.

Should I get a VPN?

Every security choice is a personal one. The more I’ve been in cybersecurity, the less I want people to be able to track my location and information.

The more I’ve read about cybersecurity in my job, the more I realize that simple solutions can help us protect our information. If you’re doing anything online – from banking to the types of books you like to read— you want to control the information as much as possible. So for me, even if it’s a little bit of hassle here or there, I spend a lot of time working remotely and sending information across public WiFi and cellular connections. A VPN with encryption helps me keep that data from the peeping toms of the internet.

Liked it? Take a second to support GeekMom and GeekDad on Patreon!