NordVPN: Enhanced online security arsenal for SMEs and remote workforce

The company offers next-gen encryption, strict no-logs policy, as well as advanced privacy features.

Citizens and businesses in Hong Kong are no strangers to cybercrime, with more than 7 in 10 SMEs having experienced a cyber error or attack in 2018, according to a Chubb survey.

Digital transformation amongst industries in financial services, retail, medical, and manufacturing, has created a huge playing field for unethical hackers and opportunists looking to steal data and account details by compromising desktops and mobile devices.

As enterprises and workforce embrace a new norm involving social distancing measures and remote work arrangements, vulnerable SMEs and startups that lack the necessary cybersecurity know-how and tools have become easy targets for cyber criminals.

Laura Tyrell, Head of Public Relations at NordVPN, reckons that businesses can’t turn a blind eye on cybersecurity and employees need company-wide tools such as antivirus, firewalls, and VPNs.

A virtual private network or VPN effectively grants work-from-home employees encrypted access to servers, systems, and databases that otherwise could only be accessed at an office. With a VPN turned on, threat vectors can be minimised, leaving little room for malicious entities to snoop on what people do online.

In an interview with Hong Kong Business, Laura gives insight into how small and large companies can better protect their resources, as well as the company’s slew of solutions, including a bug bounty programme to keep its services free of any vulnerability, in collaboration with white-hat hackers.

Can you give us a brief background about NordVPN? How many SME or startup clients do you have in Hong Kong, and in which industries do they belong?

NordVPN is the world’s most trusted online security solution, used by over 12 million internet users. We offer next-generation encryption, strict no-logs policy, lightning speed, and advanced privacy features to ensure secure access to all online resources. Our users can choose from a wide range of over 5,500 servers in 59 countries.

Our business VPN solution NordVPN Teams has been protecting many companies’ networks worldwide, and Hong Kong is no exception. Our clients belong to a wide range of industries from health services to law firms, including innovative startups.

Chubb in a survey said that 71% out of the 300 SMEs polled experienced a cyber error or attack in 2018, with 52% unaware of the threats they face. Based on your own data, can you give us a background of what the situation is for SMEs in Hong Kong in terms of threat vectors, attack frequency, and damage costs?

Both citizens and businesses in Hong Kong aren’t strangers to cybercrime which has been booming around the world for quite some time. Interestingly, cyber criminals in Hong Kong often target SMEs and startups, as they usually lack the basic cybersecurity skills and tools. Those operating in financial, retail, medical, or manufacturing markets - are the most targeted.

However, the recent coronavirus outbreak proved that not only small companies, but even big corporations are not ready to accommodate their employees with security solutions, such as VPN. For example, during this period, interest in our business solution NordVPN Teams grew almost 170%. This shows that companies were trying to purchase VPN solutions at the last minute.

Work-from-home arrangements give rise to privacy concerns due to unsecured WiFi connection. How can employees/employers practice due diligence to avoid any attack or breach while at home? Why is it important for small businesses to invest in VPNs now more than ever?

When at the office, everyone uses the same WiFi connection, so it’s easier to ensure secure communication and secure access to all of the internal resources. However, when working from home, people tend to forget about the necessity of online security. For example, the latest research by NordVPN reveals that 62% of people are using personal computers to work from home. This is causing great concerns as most private laptops are not equipped with proper security software.

Additionally, home WiFi networks are often less secure. It can take only a few minutes for hackers to intercept such private networks. And that’s why businesses should take care of their employees’ cybersecurity by providing them with company-wide tools like VPNs, firewalls, and antivirus.

A VPN encrypts users’ internet traffic and protects privacy, and that’s why it is so important during stressful times. A VPN effectively grants employees working from home encrypted access to servers, systems, and databases that otherwise only could be accessed at an office. With a VPN turned on, it is more difficult for malicious actors to snoop on what people do online.

However, it is also advised to protect home WiFi routers with strong passwords, use secure browsers and messaging apps, encrypt sensitive work files in storage and while sharing them with colleagues. But most importantly, employees should be aware of the necessary safety measures, cybersecurity trends, social engineering and phishing attacks.

What’s your take on the vulnerabilities found in free VPNs, and what makes NordVPN a cut above the rest (in terms of speed and system compatibility)?

Free VPNs come with a fair share of drawbacks—after all, there’s nothing completely free these days. So if you’re not paying for it, the developers need to make money in other ways. This comes in the form of ads, or even less ethical forms of monetisation, such as stealing your bandwidth or malware. Most of the free VPN services tend to collect users’ data and sell it to third-party advertising companies or the authorities. That’s why before signing up, users should always check service policies and learn about how their data is being processed.

Reliable providers, like NordVPN, invest in their products and infrastructure; thus, their service has its cost too. Our developers team at NordVPN spend a vast amount of time on features and different applications. That’s why you can expect much higher connection speeds and use NordVPN on all major platforms, including even Android TV and Linux.

Your rates are competitively low cost as per most reviews, which begs the question of privacy and security. What are your thoughts on this?

Our top priority is customer privacy and security. However, it takes more than just promises to be a world-leading VPN. That’s why we were the first to complete an audit of our no-logs policy. This audit was performed by PricewaterhouseCoopers AG, Switzerland—one of the best known global auditing firms. Last year, we also completed our app security audit, partnered with a leading US cybersecurity consulting firm VerSprite, and constantly performed internal security audits.

We are doing everything to make sure that our clients are as secure as possible. NordVPN is so confident in its product that it became the first and so far the only VPN service provider to launch a public bug bounty programme where ethical hackers are invited to probe our service.

For those interested in a full-on internal company VPN, particularly well-funded startups, how much would it cost?

It depends on the number of accounts a company is acquiring. Our business solution NordVPN Teams has special offers and up to 60%-off deals for SMEs, NGOs, young companies, startups, and other organisations.

What are your future plans? What other products (NordLynx?) are in the pipeline for the HK market?

Last year, we launched three new services: a file encryption tool NordLocker; a password manager NordPass; and a VPN solution for businesses NordVPN Teams. We are glad that all our products are available for the users in Hong Kong.

But of course, NordLynx is the most significant technological improvement ever introduced to our customers, and the VPN industry. It is a next-generation VPN protocol that makes NordVPN the fastest VPN in the world. And we’re not planning to stop. Our R&D team focuses on new technologies that could bring online privacy and security to the next level.

We are currently working on a solution which can detect malware before it lands on the device, and block a range of third-party trackers and cookies. We are also planning to implement a new traffic obfuscation technique, and many more exciting things, which are a bit too early to talk about.