VPN provides secure communication with the right setup and encryption!
Making important evaluations about the advantages and possible risks offered by the security and privacy rights of VPN (Virtual Private Network) technology, Cyber Security Specialist Asst. Prof. Ahmet Şenol stated that "Since the VPN uses secure password mechanisms in its connection, only the people in between can see an encrypted communication, and this password is considered secure because it cannot be decrypted in a reasonable time (it takes years). If VPN service is obtained from the right address and the VPN setup is done correctly, secure communication can be achieved."
Üsküdar University Cyber Security Master's Program Head Asst. Prof. Ahmet Şenol made important evaluations about the advantages and possible risks offered by the security and privacy rights of VPN (Virtual Private Network) technology.
VPN is also used to access banned addresses
Noting that VPN is one of the preferred technologies for secure communication on the internet, which is an insecure network, Asst. Prof. Ahmet Şenol stated that "It is also a method used to access prohibited addresses or to use prohibited applications. One of the reasons for using a VPN is the ability to connect to sites and applications that are restricted by the government or content provider, and the identity of the person connecting to these addresses remains anonymous. To give a clear example, a person in Türkiye connects to a banned site with a VPN connection as if he were connecting from a point in the Netherlands, for example, and since this site is not banned in the Netherlands, it allows the connection."
With VPN, they can connect to the office network from home and take advantage of the local network facilities in the company
Stating that VPN also allows people to connect to the office network from home and benefit from the local network facilities in the company, Asst. Prof. Ahmet Şenol stated that "In another use of VPN, people can connect to the institution/company networks they work for from home via VPN, send printouts to the printer in the company, use the sharing folders in the company, and benefit from the opportunities of the company network, as if they physically went to the company and their computer is connected to the local area network in the company. To give a concrete example, while university students cannot download an article from the home Internet, they can connect to the university's VPN service and download that article by taking advantage of the university's article library agreement (as if they went to the university with their computer and connected to the network from there)."
VPN service must be obtained from the right address!
Stating that banks can also connect their branches to each other using VPN technology and establish secure connections over the internet infrastructure, which is considered insecure, Asst. Prof. Ahmet Şenol said that "Since the VPN uses secure password mechanisms in its connection, only the people in between can see an encrypted communication, and this password is considered secure because it cannot be decrypted in a reasonable time (it takes years). If VPN service is obtained from the right address and the VPN setup is done correctly, secure communication can be achieved."
What are the security vulnerabilities that can be encountered in using a VPN?
Referring to the security vulnerabilities that may be encountered while using VPN, Asst. Prof. Ahmet Şenol stated that "The company providing the VPN service can log (record) your identity and which sites you visit. Another risk is that the encryption mechanism of the application of the company providing the VPN service may be weak, it may be possible to crack the password and listen to and record the communication. The VPN may be configured incorrectly, the user or company that lacks the ability to configure it may be communicating without security, while thinking that they are talking over a confidential and encrypted connection. If the VPN user code and password are obtained by someone else (as a result of social engineering or carelessness), strangers or attackers can infiltrate the corporate network."
What are the potential risks of free VPN services?
Warning about the security vulnerabilities of free VPN services, Asst. Prof. Ahmet Şenol continued his remarks as follows: "Free VPN services may have weak encryption. It can log the sites and addresses visited by the person along with their real IP number. This recorded information can be given to advertising companies and intelligence units of repressive governments. Some free VPN apps may contain malware, send sensitive information on your computer to a third address, and share your communications with a third party."
What to look for when choosing a secure VPN
Listing the criteria to be considered for choosing a secure VPN, Asst. Prof. Ahmet Şenol concluded his remarks as follows: "It can be said that a paid VPN is generally more secure. VPN providers that advertise that they do not log (log) communication traffic may be preferred. Care should be taken to ensure that the laws of the country to which the VPN provider service provider is affiliated strongly protect personal privacy. Reviews from other VPN users can also be considered. The results of audits by organizations that audit VPN companies can be considered when choosing a VPN service. VPNs that use modern protocols such as OpenVPN, IKEv2/IPsec, WireGuard can be preferred. VPN providers with a large number of servers in more countries can be preferred."
Üsküdar News Agency (ÜNA)