Financial advisors, just like most other professionals, need to stay cyber-safe. Securing information both in and out of the office is a priority. A virtual private network (VPN) could be the perfect tool to help protect both your clients’ data and your own.

A VPN creates a software “tunnel” across the internet between your computer and another computer. This is important, because the internet isn’t secure; it’s like the old “party line” telephone system, on which anyone could listen in on your conversation.

Sometimes, your web browser will encrypt data for you if a website asks it to; that way, no one can read your data. But not all websites do this, and not all communications happen between your browser and a website. You might use a mobile app that talks to an online service, or access files remotely using your operating system.

Thousands of people put their data at risk every day by working from home, the cottage or even coffee shops using public Wi-Fi. These networks are all susceptible to eavesdroppers who can read — and possibly tamper with — the data.

This is where a VPN can help. There are two kinds: cloud-based VPNs and site-to-site VPNs.

Cloud-based VPNs are online VPN services offered by service providers such as NordVPN.com (Telfincom & Co. SA) and PureVPN.com (GZ Systems Ltd.). These services encrypt the data transferred between your computer and a VPN that the provider hosts online. The VPN then decrypts your data and sends it to its final destination, such as a trading platform. That means your data spend part of their journey without being encrypted, so what’s the point of using VPN?

The first reason is to shield your data when you are using public Wi-Fi. If you’re using the internet in a coffee shop, others connected to the same Wi-Fi network could eavesdrop on your communications using freely available tools. A cloud-based VPN prevents that.

The other reason for using a cloud-based VPN is for “geo-shifting.” Cloud-based VPN providers don’t have just one VPN; they have many, in a variety of countries. When you connect to one network, it’s as though you’re in that country because it’s the first point at which your online traffic hits the internet.

Consumers typically use VPNs to access geographically restricted services, such as the Hulu video-on-demand service in the U.S. We don’t advocate that practice, but there’s another case for geo-shifting: if you visit a country that restricts certain websites, such as news outlets or social media services, a cloud-based VPN allows you to circumvent those restrictions. If you’re in China, for example, you can access internet services as if you’re in Canada.

These features are attractive, but you can do the same and more using a site-to-site business VPN. These VPNs, suited to users who have at least one permanent office location, enable you to access computers in your office securely from other locations.

Let’s say you have a head office in Toronto and another office elsewhere in Ontario. You also work from the lake a few days each month and occasionally from a nearby Starbucks. You store sensitive client documents on a network-attached storage drive at your head office, but you want to make those documents accessible to advisors in your other offices. You also want to access those files yourself.

You can protect your communications by installing a site-to-site tunnelling VPN in each office. The VPNs encrypt and decrypt communications among those offices, creating a private tunnel among them across the internet that prevents unauthorized people from reading your files.

These site-to-site tunnelling VPNs typically run on a dedicated piece of hardware. That’s fine for fixed offices, but you may not want to install one of these VPNs at the lake and you certainly won’t carry one into the local Starbucks. Instead, in those cases, you’d use a remote VPN client, a piece of software running on your computer that communicates with the VPN at head office. So, your data are safe, wherever you are.

A VPN located in your office also can act like a cloud-based VPN. You can connect to the VPN in the office from a remote location and browse the internet from there. That lets you surf with confidence from a coffee shop. No one sitting nearby can snoop on your traffic.

Setting up a site-to-site VPN isn’t difficult, and there are several options. The easiest is to buy one off the shelf from a company such as Pulse Secure LLC or Fortinet Inc. Another, more involved option is to buy a router that includes VPN capabilities. Or, if you’re tech-savvy, you can even use an existing computer and install an open-source VPN server such as one from OpenVPN.net (OpenVPN Inc.) to turn the computer into a VPN for your office.

A VPN alone isn’t enough to secure your data entirely. Lax security practices still may result in your computer being infected and data being stolen directly from your device. A VPN is just one tool in a broader cybersecurity strategy that should include anti-malware protection and anti-phishing/anti-spam services, along with practices such as regular software updates.