You're Wearing Your Credit Card Number on Your T-Shirt

You're Wearing Your Credit Card Number on Your T-Shirt

There was a TV commercial in the recent past that showed people wearing T-shirts that had things like "My social security number is 123-45-6789" and "My credit card number is 1234-4321-5544-110" written on them. These days, you have to be careful with your credit card information and other vital personal information to prevent people from stealing your identity, taking your money, and driving up the cost of doing business.

When you connect to the Internet, connect to a server in the corporate network, and then view sensitive data, it really is just like wearing your credit card number on your T-shirt. The packets do pass through your ISP, and possibly several others.

The WAN cables do go outside where anyone can physically touch them, assuming they're willing to break the law. You are exposed, but thankfully, you can do something about it.

There are lots of movies with spies or bank robbers in which the bad guys have ended up stealing what they were after, only to find out it was worthless. In networking, you can send packets, knowing that other people can steal a copy, but you can make them worthless through encryption.

Encryption allows a computer to apply a mathematical formula to some data, sending the results of the mathematical function over the network. The computer receiving the data can then re-create the original data by decrypting the data. Anyone who looks at the data when it's encrypted can't read it. The data just looks like a bunch of random bits and bytes. The only way to tell what the data looks like is to decrypt the data, and to decrypt the data, you need a secret password called an encryption key. Of course, you don't let anyone know the encryption key, so the data stays private.

These days, it is somewhat common for users to encrypt data before sending it over the Internet. However, most people don't just call it encryption; instead, they call it a virtual private network (VPN).

The enterprise network at Barney's company is a private network, with all the components inside privately controlled office space. The Internet is public. VPNs make the Internet act like a private network, in that there's no danger of others seeing the contents of the packets. Because the packets do go across the Internet, it's still a physical public network. VPNs create a private network, but they do so logically, or virtually, if you will. Figure 17-6 shows an example of a VPN.