We cut through the confusion around this digital tool
VPNs (Virtual Private Networks) are marketed as a way to protect your privacy and get around virtual blockades. Some people use them as a sneaky way to get around region blocks and watch shows that aren’t available in New Zealand, others use them to protect their data while using public Wi-Fi, and some businesses set them up so remote staff can securely access work tools and data.
The tech works well for those purposes, and in most cases, it’s a relatively harmless workaround or useful tool. In schools and kura, the story is a bit different. VPNs can be a way for ākonga to get around the filters, firewalls and monitoring you’ve set up to protect your network, potentially letting them access inappropriate content.
The good news? With the right monitoring tools, you can spot suspect activity and block VPN use on your network. Like everything in online security, it’s all about awareness and vigilance.
Here’s what you need to know:
What is a VPN?
Usually, when you browse the internet, your activity is routed through an IP (Internet Protocol) address linked to your home connection or a public network. When you access a site or app, it can ‘see’ your IP and know where your requests are coming from.
When you sign up with a VPN, it creates a private digital connection between your device and a remote server, which hides your IP address and lets you sidestep online blocks. It’s often described as a digital ‘tunnel’ that lets you browse without exposing personal data or letting online monitors know where you’re located. However, many ‘free’ VPNs – and some paid ones – sell browsing data to advertisers.
There are a number of types of VPNs out there – here’s a small sample:
- Site-to-site VPNs link two networks in separate locations and are often used for secure data sharing between multiple offices or branches in a large business.
- Remote access VPNs let remote users access in-office resources without exposing sensitive business data.
- Cloud VPNs work like remote access VPNs, but let users reach information in the cloud rather than through on-premise servers.
- Personal VPNs let individual users browse the internet without exposing their browsing activity or location. These can be paid or free.
VPNs – risks and rewards
There are plenty of legitimate reasons to use a VPN. Some businesses set them up so staff can use work applications remotely without exposing sensitive business data to leaks or malware. They’re also employed by wary internet users who want to browse securely, particularly if they’re on public Wi-Fi in a library or café.
For schools or kura trying to protect their networks, VPNs aren’t quite so useful. A student who downloads a VPN may access inappropriate content usually blocked by network security without your system flagging the search. Thanks to increasingly tech-savvy ākonga, this is one of the most common VPN issues for schools and kura.
Another risk is the way VPNs function. When you download a free or paid VPN, your device becomes part of the wider VPN network managed by the provider. This is known as peer-to-peer networking, which means traffic from other uses may be routed through your device and IP address. In rare cases, this can mean inappropriate or even illegal content can be linked to your school IP address or devices.
Detection is the best protection
How do you protect your network against tech designed to hide browsing activity and sneak around security software?
This is where N4L comes in. Active VPN blocking is part of our Safe & Secure Internet service – which means your system will block any attempt to download a VPN from a known provider. We subscribe to several services that actively search for new VPNs and add them to our block list, which helps minimise the risk of a student getting around your firewall.
Of course, emerging VPNs make things difficult. With new, sophisticated tech appearing every day, it’s not always possible to detect VPNs before they’re downloaded. However, in the vast majority of cases, we can spot VPN usage on your network, alert you, and help you get the issue sorted out.
Getting ākonga on board
As with any security issue in schools or kura, user behaviour is also a factor. You can block and monitor all you like, but you can’t always prevent risky online behaviour like clicking on a suspect link or trying to view inappropriate content.
Public messaging from security vendors and VPN providers can make things murky, with some promoting VPNs as a way to boost security and protect yourself from malware. While that may be true for business owners, it’s not the case in the context of a school network.
One way to combat that kind of messaging is to educate your users about VPN risks and explicitly mention them in your student user agreements – find out more about educating your ākonga here.
A VPN detection success story
A recent story from one of our schools illustrates the risks of VPNs and the importance of constant monitoring.
N4L’s security team detected malicious and inappropriate traffic on a school-owned computer. Oddly, the issue was happening outside school hours and well into the night when no students or teachers were on the premises. With support from N4L, the school investigated the device and found that a free VPN had been installed that used peer-to-peer networking. Traffic from other VPN users was routed through the school device and IP address, making it look like risky, inappropriate browsing was happening on the school network.
The outcome? The school was able to delete the VPN from the device, removing the threat to the network and stopping inappropriate content at the source.
Tech problems, tech solutions
With VPNs evolving at a rapid pace, your security systems need to keep up. While we can’t spot every single breach, N4L network security includes built-in VPN detection, with constant updates to catch new threats as they emerge. It’s not infallible, but it’s the best way to protect your school network from risky or inappropriate content slipping through the virtual cracks. Find out more about creating a secure network for your school or kura.