What is a VPN? A non-technical guide for professionals
We have been living in a vast digital workplace for some time now, a permanently connected environment that transcends the boundaries of the traditional office to include the sofa at home, airport lounges, hotel rooms, coffee shops and train carriages. In this fluid and constantly evolving digital space, you read the news, shop online, download apps, participate in calls and meetings, answer emails, access sensitive data, perform banking transactions, and more besides, on a daily basis. But do you ever wonder what happens to your data while you are online? Are you really in control of the information you share, the sites you visit, and the actions you take? Spoiler: a large number of others can see what you do during your daily visits to the Internet. Unless, of course, you use a VPN – a Virtual Private Network to protect your Internet connection and online privacy. So, how does a VPN work? A VPN acts as a vigilant and attentive guardian to protect you from prying eyes and malicious attacks.
Who can see what you do online?
The Internet is not a private house; it is a public square.
Every time you connect to the Internet, your device uses an Internet Protocol (IP) address, which can reveal not only your online identity, but also the location from which you connect. Technically, an IP address is a numerical label assigned by the Internet service provider. Because it is used to identify individual devices among billions of others, it can be regarded as a postal address in the digital world.
When you enter the name of a website (example.com) in your browser’s address bar, your computer has to perform certain operations because it cannot actually read words, only numbers. First of all, the browser locates the IP address corresponding to the site you want (example.com = 192.168.1.1), then, once the location is found, it loads the site onto the screen. An IP address functions like a home address, ensuring that data sent over the Internet always reaches the correct destination.
This identifier is visible to all the subjects listed above.
Not only that, but the information you routinely exchange online – passwords, emails, documents and sensitive data – often travel in “plaintext” i.e. without being encrypted. This means that anyone who manages to intercept them on their way through the network can read or copy them. Think of sending a postcard: anyone intercepting it on the way can read its contents, your name, the recipient’s address and so on. The same happens with your online data. Not using adequate protection systems, like a VPN, is like leaving your front door open. Would you ever do that?
How does a VPN work?
Typically, when you attempt to access a website, your Internet provider receives the request and directs it straight to the desired destination. A VPN, however, directs your Internet traffic through a remote server before sending it on to its destination, creating an encrypted tunnel between your device and the Internet. This tunnel not only secures the data you send and receive, but also hides it from outside eyes, providing you with greater privacy and online security. A VPN also changes your real IP address (i.e. your digital location), e.g. Milan, and replaces it with that of the remote server you have chosen to connect to, e.g. Tokyo. In this way, no one – neither your Internet provider, nor the sites you visit, nor any malicious attackers – can know where you are really connecting from.
It is as if the virtual public square, where everyone sees and listens, turns into a closed room, invisible to those outside, at the click of a button.
This, in brief, is how a virtual private network works:
1. First, the VPN server identifies you by authenticating your client.
2. The VPN server applies an encryption protocol to all the data you send and receive, making it unreadable to anyone trying to intercept it.
3. The VPN creates a virtual, secure “tunnel” through which your data travels to its destination, so that no one can access it without authorisation.
4. The VPN wraps each data packet inside an external packet (an “envelope”) which is encrypted by encapsulation. The envelope is the essential element of the VPN tunnel that keeps your data safe during transfer.
5. When the data reaches the server, the external packet is removed through a decryption process.
Using a VPN should be part of your digital hygiene
Every professional should use a VPN, not only when working remotely or using public Wi-Fi, but as an essential tool to surf more securely, privately and responsibly, day after day. You can think of a VPN as a habit of digital hygiene that provides greater privacy and an additional layer of protection against potential online threats.
A VPN:
● encrypts your data, protecting you from prying eyes
● changes your real IP, protecting your identity
● routes your data through remote servers, creating a secure and private tunnel
● stops your Internet provider and other third parties tracking your data.
To sum up, a VPN is not just a tool for special situations, like using public Wi-Fi, accessing restricted content. Neither is it only for experienced users and cybersecurity enthusiasts. On the contrary, it is an essential tool – a “must-have” – for all professionals and individuals who want to inhabit the digital space that surrounds us with greater awareness and less fear.
Though it might seem so, surfing online is by no means private. Every click you make leaves a trace. These traces form what is called a “digital shadow” or fingerprint. Every time you “touch” something online, many actors monitor, collect or intercept what you do. Who are these people?
1. Your Internet Service Provider (ISP): your provider can track all the sites you visit, when you visit them, and for how long. Not only that, but your provider may store and share certain information with third parties (not only the police and judicial authorities, but even advertisers) for a variable period of time, depending on the type of content, the consent you have given, internal policies and legislation (national and European). In Italy, for example, Internet service providers may retain certain data for up to 10 years.
2. Network administrators: if you connect to corporate or public Wi-Fi, e.g. a hotel network, the network administrator can monitor its traffic and thus have access to information on your online activities.
3. Websites and online platforms: many sites collect browsing data, including through cookies (just think of all those pop-ups that constantly interrupt your browsing), pixels and trackers. This allows them to profile you in order to show you personalised advertisements or sell your data to third parties.
4. Search engines: if you use a traditional search engine like Google, Bing or Yahoo, everything you do is traceable – even if you use “Incognito mode”. If you want to keep your searches private, we suggest using non-traceable search engines such as DuckDuckGo, Qwant, Startpage or Swisscows.
5. Hackers and criminals: surfing online exposes you to daily risks, especially when you choose to connect to unprotected public Wi-Fi networks or surf without the use of security tools like antivirus software, VPNs or anti-malware tools. Credentials, emails, bank details, even your identity, are valuable commodities.