Use a Virtual Private Network to Secure Your Online Communications

by Eric Gregory and Molly Shakeri

Using a Virtual Private Network (VPN) to connect to the Internet will help make certain that your data communications are kept private from any prying eyes. The encryption technology used by a VPN system ensures that even if someone can see your communication, they will be unable to understand it.

There are two important opportunities to utilize a VPN connection for your university computer use:

• when connecting to the university wireless network
• when connecting to university network resources from off-campus

How does the VPN system work? When using the Internet, many times your data is sent in the clear, which means that anyone along the path can intercept and read it. Similarly, when using a wireless network, signals are broadcast through the air using antennae, and anyone within the radius of an antenna’s signal can intercept the communications. However, a VPN makes use of encryption techniques to establish a secure tunnel across a public network between two endpoints, usually a computer and a device called a concentrator. When you transmit and receive data through the secure tunnel, no one else on the public network can understand the data that you are transferring. For your computer, a software client is needed in order to establish the secure tunnel to the concentrator.

When it comes to your data, it is better to be safe than sorry. The university has deployed a VPN concentrator on the campus network for your use and also provides the client software your computer will need in order to connect to the VPN concentrator. You can download the free client software from the OIT Help Desk Web site at www.helpdesk.umd.edu/topics/applications/vpn.

Voice Mail and Fax Machines Are No Places for Sensitive Information

There has been a great deal of attention recently regarding the storage of sensitive information on computers. Social Security Numbers are being removed as identifiers in systems throughout campus and exposure of those numbers is being reduced to those uses that are required by law. There are two areas that are frequently overlooked when it comes to sensitive information: voice mail and fax machines.

When you leave a voice mail message, do you really know who is going to listen to that message? Are you sure you dialed the correct number? Will the recipient of the message listen to your message with the speaker phone turned on? Does your recipient share a phone or their voice mail password with others? If you need to share sensitive information over the telephone, wait until you are speaking directly to a person and are satisfied that it is the appropriate person to receive the information.

Fax machines are another risk that needs to be considered. What do you know about the fax machine on the receiving end? Will strangers be able to look through incoming messages and read yours? Does your fax machine or the other fax machine store copies of the transmitted documents? Some fax machines double as Web servers and received faxes can be accessed over the network. How well-protected is that server?

To ensure the highest security for your private or sensitive information, you should avoid transmitting it through voice mail and fax machines.

He's a Winner!

Congratulations to Andrew Ordway, winner of last issue's Dell Smart USB Flash Memory Key giveway! Andrew is a sophomore marketing major.

In this issue, we’re giving away two MP3 players donated by Cdigix. For info, visit www.oit.umd.edu/mp3.