“Trusted” is generally a subjective value we place on people and things we believe we can rely on. We base our trust on what we know or assume about how likely they are to let us down.
That’s largely true for trusted delivery networks, too. However, the term also defines a specific type of network, which is distinct from secure delivery networks. A trusted delivery network’s connections are physically secure from interference. A secure network is not physically secure, and so usually uses encryption to protect data.
This post looks at what a trusted delivery network is, how it works, and how it differs from secure networks like secure VPNs.
Trusted delivery networks are physically secure
One trusted delivery network you already use is your office or home network. You can trust it because you are certain:
- Nobody has hacked the router from outside. Thanks to your firewall logs and wireless security systems, you know hackers haven’t accessed your network.
- Third parties haven’t placed malicious devices on the network. Unless your building has been broken into, you know your network hasn’t been compromised.
- All computers on the network are up-to-date and secure. If you or your IT manager regularly maintain your systems, you can be sure all known vulnerabilities have been patched.
In other words, a trusted delivery network is a walled, physically secure network that is fully under your control. It’s this physical security that defines it as “trusted.”
…But the internet isn’t physically secure
What happens when data leaves your trusted delivery network and is transmitted over the internet?
Your ISP’s internet connection is not a trusted delivery network. When using the internet, you know when your data has reached its destination: the web page you requested loads, or your video upload appears on YouTube.
But what you don’t know is: how did the data packets get there? The data is likely to have been routed across a number of delivery networks. That means other people may have seen it, and made a copy.
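To make that boundary visible, here is an added example (not part of the original post) that parses traceroute-style output and reports the first hop that falls outside the network you control. The trusted prefix, the sample trace and the function names are assumptions made up for illustration.

```python
import ipaddress
import re

# Assumption: the prefixes you physically control (hypothetical values).
TRUSTED_PREFIXES = [ipaddress.ip_network("10.20.0.0/16")]

# Constructed traceroute-style output; external hops use documentation ranges.
SAMPLE_TRACE = """\
 1  10.20.0.1  0.412 ms
 2  10.20.255.2  0.873 ms
 3  198.51.100.1  8.120 ms
 4  * * *
 5  203.0.113.9  14.302 ms
 6  192.0.2.80  21.775 ms
"""

HOP_RE = re.compile(r"^\s*(\d+)\s+(\S+)")

def parse_hops(text):
    """Return [(hop_number, ip_or_None)]; '*' means the hop did not answer."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue
        try:
            addr = ipaddress.ip_address(m.group(2))
        except ValueError:
            addr = None  # unresponsive or unparseable hop
        hops.append((int(m.group(1)), addr))
    return hops

def is_trusted(addr):
    # An unidentified hop cannot be verified, so it is never trusted.
    return addr is not None and any(addr in net for net in TRUSTED_PREFIXES)

def trust_boundary(hops):
    """Return the number of the first hop outside the trusted prefixes, or None."""
    for number, addr in hops:
        if not is_trusted(addr):
            return number
    return None

def untrusted_hops(hops):
    """Return the numbers of every hop that lies outside the trusted prefixes."""
    return [number for number, addr in hops if not is_trusted(addr)]

if __name__ == "__main__":
    hops = parse_hops(SAMPLE_TRACE)
    print("path leaves trusted network at hop", trust_boundary(hops))
    print("hops outside your control:", untrusted_hops(hops))
```

Every hop from the boundary onward belongs to someone else's network, including hops that never identify themselves.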
Trusted VPNs don’t encrypt data
If you want to create a trusted (i.e. physically secure) delivery network across multiple sites, using the internet isn’t an option.
For your wide area network to be “trusted,” it needs to:
- Utilize a private, physically secure network connection between all sites
- Connect only with trusted sites, like the home or office network described above
- Manage and authenticate connections using a VPN
Because it operates on a delivery network that is physically secure, a trusted VPN does not use cryptography or tunneling to secure data. Why should it, if you trust that hackers can’t break into it?
The difference between “trusted” and “secure”
Secure VPNs, meanwhile, don’t operate on trusted delivery networks. They require authentication, tunneled connections, and encryption to prevent third parties from seeing your data.
Trusted delivery networks are physically secure, but therefore limited in scope. Secure VPNs keep you safe online.
To return to the original definition above, how “trusted” you consider any network should depend on what you know about it – and how likely it is to let you down.