This year has been big for the VPN market. Some buyers still remember last year’s Facebook data leaks; others have had enough with geo-blocks. And some, sadly, are threatened by governmental internet restrictions and turn to VPNs for help.
One way or another, cyber security made its way to the broader daylight. Businesses and casual Internet users are buffing up their defenses and look around for possible solutions. Even though the context is grim, it’s a good thing CySec companies are standing up to the challenge of protecting online freedom and safety.
One brand, in particular, has recently expanded its list of products, — NordVPN. In a decade, they have climbed up to be one of the leaders of commercial VPN service providers. Shaken by occasional troubles, they keep improving their product, but this article is not about that. It’s about their three new products:
- NordLocker — file encryption software.
- NordVPN Teams — a business VPN.
- NordPass — A password manager.
This significantly expands their cyber security service scope, and new products are relevant to businesses and concerned netizens alike.
So without further ado, let’s go over each to see what they bring to the table.
NordLocker is a file encryption software that is developed with cloud synchronization in mind. Right now, storage encryption is not that popular among casual Internet users, and BitLocker encrypts most Windows systems. However, BitLocker had some security issues, and storage encryption might become more important when new products emerge, and users get to know their use cases.
So what does it do exactly? Storage or file encryption means that nobody can access the data without providing a password to unlock the encrypted files. This is useful in case one’s device gets lost or stolen — no data can be extracted if it was securely encrypted.
Another thing is cloud security. For example, you upload some images to a cloud, but how can you be sure those images are kept safely? The cloud service you’re using may not care that much about cyber security, or they themselves can access your files for one reason or another. Unless you use file encryption software and upload them in an encrypted form. Then no leak or peeking employee can see what you have there, thus enhancing your privacy.
NordLocker allows encryption of chosen files and gives an option to sync it with the cloud. Furthermore, it encrypts each file separately, meaning there’s no need to back up the whole data-set and re-encrypt it again if you want to add some more. There’s a drop-down menu where you add your files, and overall the design is simplistic.
These files can be shared with another person if you grant them access. Another feature is file modification, — you can modify your data in real-time without decrypting it first. In other words, if you encrypt a text document you can access it and instantly add some text and NordLocker will not interfere in this process in any way.
As other Nord products, the software is based on a no-logs policy. To quote their website
“Your data is not our business. Our encryption system is designed this way so that we wouldn’t be able to see your file content under any circumstances.”
The technical side of the service looks solid, but I lack the knowledge on cryptography, and they released a lengthy document explaining the encryption methods in use, so I’ll let each user read it first hand.
It was only a matter of time until NordVPN adapts its product for business purposes. After all, the very first VPNs were business security-oriented services, that allowed safe remote access to companies’ intranets.
NordVPN Teams is oriented at Small and Medium Businesses (or SMBs.) In the past couple of years, there was a noticeable shift in cyber crime, — SMBs and governmental institutions became the primary focus for black-hat hackers. Also, GDPR and other data-safety regulations are forcing SMBs to improve their cyber security, and that’s where NordVPN Teams jumps in.
First of all, it’s an enhanced “old school” VPN service that is designed for safe remote access to companies’ resources. Those who remember first VPNs will acknowledge the benefits of a minimalistic UX/UI design. Second, early VPNs encrypted and secured only the connection to the database in question, while NordVPN Teams secure all data-flow at once.
Third, it’s optimized for business use, granting a solid amount of static IP address, an account manager, and the ability to create groups and establish different access priorities.
According to online reviews, this service will be using 256-bit military-grade encryption, which is the latest standard in the industry. Also, it will be supplemented by CyberSec and Kill Switch features, automatic connect, and 24/7 customer support. In relation to NordVPN, it would be a safe guess that both services will share the same infrastructure, and Teams is an upgrade to the main product to suit it for businesses.
Last, but not least, is a new password manager. Unlike B2B and storage encryption, this one comes into a well-established market, where LastPass, Dashlane, KeePass (among others) are well-known names. Which in turn means NordPass should be developed no weaker than the other brands for it to sell.
NordPass comes with a secure (although not innovative) infrastructure. All passwords are stored in a vault, which can only be opened up with a user’s master password. The master password is stored locally, and NordPass, as the other two products, also follows a zero-knowledge architecture. Which means no-one, not even NordPass team, can access their user’s passwords, — master password never leaves the hands of the user.
It’s best to remember your master password by heart, but if you lose it, you do have a recovery code. However, you better not lose this one because NordPass will not store it anywhere for security reasons, and if you lose both your master password and your recovery code you will be locked out of your vault forever.
This password manager can also be used on multiple devices without the need for any additional synchronization. There’s a backup of your vault in Cloud. Isn’t it in danger of being breached or leaked? — One might ask. That’s a serious concern; however, the feature is explained in detail on their web page. Password vault is encrypted locally on a device level, so when you upload it to their Cloud, there’s no way to decrypt it because the decryption key remains locally with you. Once again, this is no innovation but an attractive and comfortable thing to have.
Additional features include:
- Biometric identification;
- Password sharing, import, autosave, and autofill;
- Password generator and 2-factor authentication;
- Compatibility with all major web browsers.
All in all, NordPass looks like a fully developed password manager. It probably won’t blow your mind with unseen-unhackable — but it will be comfortable. And coming from a company that’s been swimming in cyber security waters for a decade, the security part will be taken care of.
All in all, we can see many cyber security companies broadening their service scope. Antivirus Giants like Norton or Kaspersky have released their own VPN services. Last year a commercial VPN provider SaferVPN launched a B2B software named Perimeter81. This looks like a natural growth of a still-growing market, and the time will tell who will remain among the best.