Will a VPN help my Quicken info to be more secure?

Currently, I have sync turned off, and only use manual web connect to download transactions from my FI. With that in mind could a VPN be advantageous to me in further securing my QKN data files? Are there any "cons" to using a VPN with Quicken or otherwise?
<please feel free to add the appropriate tag to my post for convenience>
Quicken Windows Deluxe Subscription  R36.45 Build 27.1.36.45

Best Answers

  • Sherlock
    Sherlock SuperUser ✭✭✭✭✭
    edited November 22 Accepted Answer
    The short answer to your question is no and, if the VPN maps to a different country, Quicken may have connectivity issues.
  • splasher
    splasher SuperUser ✭✭✭✭
    Accepted Answer
    Unless you are VPNing into a VPN portal that is at the financial institution, it gets dumped out into the internet at some location and then proceeds to the final destination without the benefit of the VPN for the rest of the trip.
    IMO, The typical VPN just hides your location from the receiver and you are still exposed to the "badies".  Corporations that use VPN for their employees working from home is a different story, the other end of the VPN is inside the corporation's network, so it is as if the employee is at the office, that in my opinion is real security, but that isn't what is happening if you used VPN while you are working with Quicken downloads.
    If you are sitting in a coffee shop doing stuff and you are worried about the person at the next table intercepting stuff, then a VPN will get your information out of the coffee shop safely.
    -splasher  using Q since 1996 -  Subscription  -  Win10
    -also older versions as needed for testing
    -Questions? Check out the  Quicken Windows FAQ list
  • Chris_QPW
    Chris_QPW Member ✭✭✭✭
    edited November 24 Accepted Answer
    I love how the marketing people for VPN bill it as "security" even while you are home, and even when you are already using a secure connection.

    On that coffee shop example, if all you ever did is connect to https:// sites VPN wouldn't add any security at all.  It is only for http:// sites that it matters (and only from your machine to the VPN server, not from the VPN server to the actual website).

    When you connect to your financial institution you connect over a secure connection, that is exactly the difference between https and http.  Everything sent from your computer to the financial institution and back is encrypted.

    Every connection that Quicken makes is over the https protocol.

    Note that on top of the encryption there is one more very important part of this that ensures there isn't a "man in the middle" (a machine that can view unencrypted data).  If you connect to the coffee shop WiFi (or are fooled into believing you are connecting to it) you don't know if there is machine in between that might pretend to be the remote site establish a secure connection with your computer, and just forward your request on to the real site.

    EDITED for better accuracy of the process:
    That is where the certificates come in.  The holder of the certificate encrypts the data with a private key, and the receiver decrypts it with the public key.  Since only the holder of the certificate/private key can do this encryption that will be decrypted with the know public key, that proves to the receiver that they are in fact talking directly to the owner of the certificate.

    So, it might seem strange but using Quicken on a coffee shop WIFI is secure, whereas connecting to any non https site isn't.  BTW this is why the push for sites to go to https even if they don't seem like they need "secure connections".
    Signature:
    (I'm always using the latest Quicken Windows Premier subscription version)
    This is my website: http://www.quicknperlwiz.com/

Answers

  • Sherlock
    Sherlock SuperUser ✭✭✭✭✭
    edited November 22 Accepted Answer
    The short answer to your question is no and, if the VPN maps to a different country, Quicken may have connectivity issues.
  • splasher
    splasher SuperUser ✭✭✭✭
    Accepted Answer
    Unless you are VPNing into a VPN portal that is at the financial institution, it gets dumped out into the internet at some location and then proceeds to the final destination without the benefit of the VPN for the rest of the trip.
    IMO, The typical VPN just hides your location from the receiver and you are still exposed to the "badies".  Corporations that use VPN for their employees working from home is a different story, the other end of the VPN is inside the corporation's network, so it is as if the employee is at the office, that in my opinion is real security, but that isn't what is happening if you used VPN while you are working with Quicken downloads.
    If you are sitting in a coffee shop doing stuff and you are worried about the person at the next table intercepting stuff, then a VPN will get your information out of the coffee shop safely.
    -splasher  using Q since 1996 -  Subscription  -  Win10
    -also older versions as needed for testing
    -Questions? Check out the  Quicken Windows FAQ list
  • TTSguy
    TTSguy Member ✭✭✭
    @splasher That explains VPN well. Thanks Splasher!
    Quicken Windows Deluxe Subscription  R36.45 Build 27.1.36.45
  • Chris_QPW
    Chris_QPW Member ✭✭✭✭
    edited November 24 Accepted Answer
    I love how the marketing people for VPN bill it as "security" even while you are home, and even when you are already using a secure connection.

    On that coffee shop example, if all you ever did is connect to https:// sites VPN wouldn't add any security at all.  It is only for http:// sites that it matters (and only from your machine to the VPN server, not from the VPN server to the actual website).

    When you connect to your financial institution you connect over a secure connection, that is exactly the difference between https and http.  Everything sent from your computer to the financial institution and back is encrypted.

    Every connection that Quicken makes is over the https protocol.

    Note that on top of the encryption there is one more very important part of this that ensures there isn't a "man in the middle" (a machine that can view unencrypted data).  If you connect to the coffee shop WiFi (or are fooled into believing you are connecting to it) you don't know if there is machine in between that might pretend to be the remote site establish a secure connection with your computer, and just forward your request on to the real site.

    EDITED for better accuracy of the process:
    That is where the certificates come in.  The holder of the certificate encrypts the data with a private key, and the receiver decrypts it with the public key.  Since only the holder of the certificate/private key can do this encryption that will be decrypted with the know public key, that proves to the receiver that they are in fact talking directly to the owner of the certificate.

    So, it might seem strange but using Quicken on a coffee shop WIFI is secure, whereas connecting to any non https site isn't.  BTW this is why the push for sites to go to https even if they don't seem like they need "secure connections".
    Signature:
    (I'm always using the latest Quicken Windows Premier subscription version)
    This is my website: http://www.quicknperlwiz.com/