Here’s the deal. I’m gonna give it to you straight, you ready? Your internet traffic is not always private. Eavesdroppers can see what websites you’re visiting and they can sometimes monitor other sensitive information that you send through the internet. But there is a way to make your connection waaaaaaaaay more private and secure! It’s called a Virtual Private Network (VPN). Let’s break it down.
First, let’s start by talking about what exactly isn’t private and who might be monitoring your internet traffic. You might think it’s just bad guys but actually there are a lot of “good guys” that spy on your traffic too. You probably even gave them permission! For example, the company you pay to provide you with internet service (your internet service provider or ISP) almost certainly monitors your internet traffic and sells information about you to marketing companies. That’s why those rainbow striped toesy socks you almost bought keep showing up in internet advertisements! ISPs can also determine when you’re watching a streaming service like Netflix and they can even tell what movie you’re watching!! If that doesn’t seem like a big deal to you, consider that most internet service providers also sell cable service… and it is theoretically possible that your ISP might slow down your streaming services so that you might get frustrated and decide to “un-cut” that cable service you got rid of last year. Not all ISPs do this. Some believe in “Net Neutrality,” which means that they will not ever slow down your traffic for any reason. But they will still monitor you!
Ok, so what if you’re not too concerned about privacy issues or net neutrality? You should know that there are other situations where internet hooligans can watch your internet traffic in an attempt to steal your identity, your payment information or other sensitive information. Public Wi-Fi hotspots are perfect locations for someone to do that, because these locations are almost always unsecure. For example, when you connect to public internet at an airport or a coffee shop, anyone else that is sitting nearby can just watch all of your internet traffic. If you’re sending unsecured emails, connecting to unsecured websites or sending and receiving important files, these eavesdroppers can collect whatever it is you’re sending. That’s because your account credentials, payment information, intellectual property related to your work or other sensitive data could be of value on the dark web.
So what’s this VPN thing and how does it help?
Okay, okay, slow down, we’ll get to that. First, let us say that in an ideal world you’d have a truly private physical wire connecting your computer to any other machine or website with which you need to communicate. With a dedicated physical line, it would be really hard for anyone to watch your traffic because they’d have to tap into the line. But having all those wires would be really impractical, right?! No one could afford the cost of setting that up. Plus, there would be way too many wires everywhere! No one likes wires anyway, that’s why we invented wireless!!
A Virtual Private Network provides a practical alternative. A VPN is exactly what it sounds like; a private communication channel that is established “virtually” over a non-private physical network like the internet. To understand how this works, take a look at the image below and then we’ll break it down.
When you set up a VPN, what you are doing is establishing an encrypted connection between your computer and a “VPN server” somewhere. Sometimes we call this a VPN “Tunnel” because, metaphorically, it’s kind of like a really secure, physical tunnel through which your data will be sent. In reality the data is being encrypted. This encryption is strong enough that eavesdroppers cannot see what’s in the data at all. In fact, no one between you and the VPN server can see the data, including your ISP!
So what happens to the data when it gets to the VPN server? Good question! The VPN server is really just a middleman. If you are trying to reach a website while connected to a VPN, you send your encrypted traffic to the VPN server and then it forwards that traffic on to the website as if the traffic originated from the VPN server. That’s right, the VPN masks the origin of the data so really no one could ever tell that it came from anywhere but the VPN. It’s like when Bruce Wayne goes down to the basement of Wayne Manor, gets all dressed up, drives the Batmobile down some long underground tunnel and then pop’s out of a waterfall somewhere. Even if there was someone at the waterfall, they aren’t gonna associate the Batmobile with Bruce Wayne, because… why would they?
VPNs can also allow you to safely connect to a remote network of computers as if you are there. In that case, the VPN server is actually physically connected to a network of machines. The server can still forward your traffic on to the internet but it can also forward it to another machine in the network to which it is connected. This kind of VPN is used commonly by businesses to allow their employees to remotely connect to their protected internal networks. Take a look at the figure below for a graphical representation.
VPNs at Ohio State
Ohio State has a VPN service that will protect your internet traffic and allow you to connect to the network as if you are on campus. If you are a university employee you can open your “Cisco AnyConnect Secure Mobility Client” on your university-managed device and connect to the network at Ohio State from anywhere in the world. This can allow you to safely access files that you would normally only be able to see if you connect from a location on campus.
Steps to connect to the Ohio State University VPN
- Connect to the internet, even if it isn’t a secure connection.
- Open the Cisco AnyConnect Secure Mobility Client
- Click “Connect.”
- Select “OSULAN” for the group
- Enter the username and password that you use on campus
- Enter “Push” in the “Duo type” field. This will prompt the Duo App on your BuckeyePass enabled device to ask for authentication.
- After you authenticate with the Duo App you’re connected to the VPN and protected!
You should connect to the Ohio State VPN any time you are accessing the internet with a university asset from a public location or a location where you don’t necessarily trust the people or company that manage the network. You will only be able to access files on Ohio State servers remotely if you connect through the VPN.
VPNs for personal Use
You can, and should, use a VPN in your personal life too. There are VPN services you can pay for that have servers all over the world. Once you sign up it will actually let you decide which server you want to route your traffic through. After that, when you connect to the VPN, your traffic will appear to originate from that same server no matter where you are in the world. It’s your “Batcave waterfall!”
Just like with the Ohio State VPN, you should connect your personal devices to your VPN service when accessing the internet from public places or networks you don’t trust.
Some drawbacks of VPNs
While VPNs stop cyber-hoodlums and your ISP from seeing your internet traffic, they will also prevent firewalls from inspecting that traffic, which will defeat the firewall as a protective measure. This is why it’s important to have a firewall set up on your computer and not just rely on network-based firewalls. Your VPN server will also have a firewall on their end, but this is an important detail to keep in mind if you are ever setting up a network.
When selecting a VPN service for personal use, you should also keep in mind that the VPN service can actually spy on your traffic just like your ISP can. Some of these services swear that they don’t monitor your traffic and they really don’t have a vested interest in slowing your traffic down so VPNs can definitely be an improvement over ISPs in terms of privacy and net neutrality. Just make sure you read their monitoring policy carefully.