Do You Need a VPN at Work?

Should You Use a VPN at Work?

Not familiar with VPNs? Basically, they’re online services that hide your IP address and encrypt your Internet traffic. That’s just a simple description, though. They can do much, much more for you.

Is there any reason you should be using a VPN at work? Three, actually:

1. Access Blocked Sites

Want to check out your Facebook Messenger inbox or listen to your favorite band’s album while you work on YouTube?

Well you can’t. Your boss told the network admins to block those sites, and many others too.

Don’t worry – a VPN can help. It hides your IP address, which is the key to bypassing firewalls. Here’s why:

• When you connect to the company network, it assigns your device an IP address.
• That IP address has firewall rules linked to it. So certain outbound and inbound traffic is restricted with it.
• When you use a VPN, you get a new IP address that has none of those restrictions. So you can freely browse the web.

2. Hide Your Web Browsing

Let’s say you don’t need to unblock any sites. Well, the IT staff can normally monitor your Internet browsing at work. You access websites through the company network, after all. 

So if your boss wants, he/she can see if you connected to Facebook when you weren’t on your break.

If you use a VPN, though, they can’t keep tabs on your traffic anymore. They’ll only see you connecting to one IP address. That’s it. They won’t see any outbound connections to Facebook, Twitter, or YouTube.

Also, they can’t analyze your data packets either. The VPN encrypts all your traffic, and if network admins try to sneak a peek, they’ll only see gibberish (like “Ghd423sadfajhFD435456”).

This is also extremely useful when you unblock sites at work. The admins won’t really know you’re doing it because they can’t see your connection requests.

3. Encrypt Your Remote Connections

This isn’t exactly when you’re “at work,” but when you’re at work on a lunch or cigarette break. You might go to your favorite coffee shop or restaurant, and suddenly remember you forgot to update a file or the status of a task before you left.

So what do you do? Log into the shop or restaurant’s WiFi to do what you need. Problem solved.

Or is it?

When you connected to the company network over the public WiFi network, a hacker could have been eavesdropping on your connection. Here’s the thing – most hotspots aren’t safe. They either don’t use any encryption, or they use exploitable security standards.

So a hacker could use packet sniffers to monitor your traffic over the network. If they’re good enough or you use the network very often, they could eventually steal sensitive data from you (like your corporate login credentials).

Even worse, they could have set up a fake WiFi network, and tricked your device into connecting to it. In that case, they would definitely be able to monitor the data you share with your company network.

If you use a VPN when you connect over public WiFi, though, things are safer. The service encrypts your connection, so nobody can monitor your data – not even if you use a fake hotspot.

Why Do Companies Block Sites on Their Network?

Each business has its own reasons for doing that. According to our research, companies will filter websites because:

• They’re worried you might accidentally connect to a malicious website. In that situation, your device could get infected with malware, which will then spread across the whole company network. Safe to say, the company will suffer a lot of downtime and huge losses if that happens.
• Management believes employees will slack off if they’re allowed to access sites like YouTube, Facebook, or Reddit. Far-fetched? Maybe, but they likely base their decisions on studies like this one which says the average employee spends around five hours each week “slacking off.”
• The workplace has limited bandwidth, and they don’t want their speeds going down because people are hogging it with Netflix, Reddit, YouTube, and other sites. In the eyes of managers, that just leads to a decrease in productivity.

If you know other reasons businesses block various websites on their network, please tell us in the comments.

Does Your Boss Know You’re Using a VPN at Work?

Most online articles and marketing copy will tell you “no.” However, the reality is slightly different.

There’s a chance they won’t know you’re using a VPN. But that’s only if they don’t bother checking employee traffic. If they tell their network admins to flag “suspicious” connections, they can catch on to what you’re doing.

Here’s exactly how your boss can tell you’re behind a VPN at work:

They See the VPN Connection

To use a VPN, you need to go through your workplace network. So obviously, the admins will see your connection to the VPN server.

That doesn’t seem like much, but here’s the problem. They can actually tell it’s a VPN connection.

Why?

Because it won’t have any DNS resolutions (no website name attached to the IP address).

Normally, they’ll see your connection like this:

But with a VPN, they see your connection like this:

See the problem? It’s only an IP address. There’s no website name attached to it, so there’s a chance the network admins will become suspicious.

In addition to that, they’ll also see the port your connection uses. And some VPN protocols use specific ports – IKEv2, for example, uses UDP ports 4500 and 500.

True, protocols like SoftEther, OpenVPN, and SSTP can use port 443 (the HTTPS port), but that stands out too. Usually, port 443 + an IP address with no DNS resolution = a VPN connection.

They Might Have Remote Access to Your Computer

If the IT team uses remote administration software, they can take over your computer’s screen unannounced if they suspect you’re using a VPN. So they can easily catch you browsing blocked sites.

What’s more, the IT staff can also use spyware to monitor employee activity on work computers. Or software that takes screenshots at random intervals.

If you’re allowed to bring your own laptop at work, this isn’t a problem, though.

Can Your Boss Stop You from Using a VPN at Work?

They actually can.

One thing they can do is tell network admins to block the IP address of the VPN server. If they do that, you can’t connect to it anymore. You can connect to the next server to solve the problem, but they might block that IP address too (and the next ones as well).

If you use a work computer, the IT team could also outfit it with software that stops you from installing anything on it (like a VPN client). They could even stop you from installing plugins (so no VPN extensions either).

Besides that, your company could use DPI to detect OpenVPN traffic, and block it. VPN obfuscation can help in that case, but the IT team can still block server IP addresses.

Can You Torrent with a VPN at Work?

In theory, yes, but in practice not all the time. If you can’t install additional software on your computer, you can’t set up the torrent client and the VPN. If you can, there’s a chance the antivirus protection on your device will flag and quarantine the torrent client. 

And if that’s not a problem, the IT team might regularly check work computers, and they might find the torrent client.

But let’s say they do none of that. You’re free to install torrent clients, and you don’t need to worry about anyone checking your work computer.

Even then, there’s a problem – how much you torrent. Don’t forget – the IT team can see your connection to the VPN server. And they can see how much data you exchange with it.

If you only download an old game that has an .iso of around 300 Mb, that’s not so bad. But if you download a 1080p BlueRay season of The Office, the admins are gonna be very suspicious when they see you downloaded 50+ Gb in a day.

Similarly, if you try to seed, the IT team will become suspicious when they see a constant upload stream from your connection to an IP address that obviously belongs to a VPN server.

So the bottom line – avoid torrenting at work. Only do it if you really, really need to download a small file right then and there, and it can’t wait until you get home.

“Can’t I Just Use the Corporate VPN at Work?”

Well no. It wouldn’t really help you with anything. With a corporate VPN, you connect to the company’s servers. You might get a new IP address, but it will likely come with firewall restrictions too.

Even if the corporate VPN were to somehow let you unblock any site you want, your boss could still catch you in the act. Corporate VPNs normally don’t offer end-to-end encryption, and the IT team can read your traffic on their end.

What’s the Best Way to Use a VPN at Work?

Considering your boss can easily catch you using a VPN on the company’s time, you should avoid using it non-stop. 

The easiest way to stay under the radar is to use the VPN in short bursts. If you need to check something on Instagram real quick, use the VPN and immediately disconnect from it when you’re done. Then run it again when you need to unblock another site, and quickly disconnect when you’re done.

If you do need to use it for prolonged periods of time (like listening to hour-long YouTube compilations while working), have a good excuse ready. For example, say you used the VPN to do some quick online banking, and forgot to disconnect from the server.

Also, a very smart and correct way to make use of a VPN at work is to use it when remotely accessing company data on public WiFi.

Of course, if your company has a strict no-VPN policy, don’t use one. You can’t outsmart the IT team, and really, watching a YouTube video isn’t worth losing your job.

Warning about Using VPNs on Work Computers

We strongly advise against doing that. There’s a good chance the IT team has remote access to your computer. Similarly, they or even HR managers can check your activity on the computer after you leave.

Even if your workplace doesn’t ban VPNs, you should still avoid using them on work computers. If the IT team set up keyloggers on the device, they’ll have your VPN login credentials.

We believe it’s only safe to get a VPN at work if you can use your own personal device.

What about Remotely Accessing Your Home Computer Instead?

It can be a solution, and you won’t stand out as much as when you use a VPN. The idea is to set up software like TeamViewer on your home computer and the device you use at work.

Then, just use your work computer to remotely access your home computer. You should then be able to use your home network to browse the web as you please without leaving a trace.

The IT team will see the connection, sure, but they likely won’t find it as suspicious as a VPN. Maybe you’re using it to check some work-related documents on your home computer, for example.

But (and it’s a big one here), you shouldn’t use this method if you have to use an assigned work computer. Again, the IT team could use keyloggers. If they do that, they’ll have your TeamViewer login credentials.

Them having access to your VPN account is bad, but not as bad as them being able to remotely access your home computer.

Do You Make Use of a VPN at Work?

What do you use the VPN for, and do you do anything in particular to make sure you don’t stand out too much?

If you have any tips to offer, or want to mention things we didn’t cover in this article, go ahead and tell us in the comments or on social media.

Related Posts

• 

  How to Know If Your Phone Is Hacked

• 

  What Does a VPN Hide? (And What It Doesn’t)

• 

  Can ISPs Block VPN Connections?