You may hear quite a bit about using a VPN (virtual private network) to keep your internet traffic safe and secure. What you may not know about VPNs, though, are the specific ways that they perform this task, and some providers that you can (hopefully) trust. Today, we’ll take a look at some of the safety adding features of VPNs, and recommend a few providers for you to check out.
In this discussion, it’s important to note that VPN usually describes two separate use cases: 1) a VPN that you host on your company’s network would be a way to access your internal network from anywhere; 2) the VPNs we’ll describe here are services that help you stay secure or anonymous while browsing the web.
Putting the Private in Private Network
Many people have started using VPN technology in recent years. What used to be a pretty advanced setup is becoming more easy and more accessible every day. VPN providers often boast that they can protect your private data from a WiFi provider (say, at a coffee shop or hotel) or ISP (your phone or cable company) and keep you one step ahead of tracking cookies and other questionable marketing practices.
When you sign up for a VPN, you’re using the provider as a kind of ISP within an ISP. If you set up your workstation or mobile device to use the VPN, then your device encrypts all of your traffic and sends it to the VPN provider to be decrypted. This means that using a public WiFi hotspot is far less risky, since everything you send over the connection is encrypted, and can only be unencrypted by the VPN provider. It’s best practice to use a trusted VPN provider when submitting any personal data over a public or semi-public connection.
Encrypting your traffic before it goes to your ISP works at home too. It can be handy if your cable company, for example, injects ads or messages into websites that you visit. It gives you added security by making sure that whoever owns the pipe you send your information down can’t unlock it. It’s a good idea to use it on any device that you’d like to keep the information private on.
Controlling Geolocation Data
The major downside to using a VPN is that it can really slow down your connection. If you’re sending all of your traffic to a service somewhere else, or maybe in another country, then the latency can add up and your traffic can slow to whatever the weakest link is (in this longer chain of devices leading to the internet).
The trade-off for selecting a far away service, though, is that your IP address will change based on where your provider is located. For instance, if your VPN provider is in the UK, then you will appear as though you are connecting to a website or service from the UK. This feature is typically used to enable services that are available in one country, but locked in others. Many services have ways of knowing that you’re using a VPN, though, and using a VPN to get around geolocation restrictions has become harder to do with popular services (like the BBCs iPlayer).
As VPNs have become more popular, service providers have done a bit more to make them harder to use for questionably-legal things, like dodging geographically-based blocks. It’s best to keep in mind that VPNs have often been used as protection while engaging in illegal and less-than-legal behavior, so quite a few people (including ISPs and law enforcement) view them as suspicious. As usual, you should use these tools knowing that a state-backed or law enforcement actor that wants to see what you are up to will probably be able to. What the VPN is good for is keeping yourself from being low-hanging fruit for criminal enterprises.
Using a VPN on Desktop and on Mobile
There are typically two ways to set up a connection with your VPN provider: 1) manually setting it up with your operating system’s built-in networking stack; or 2) using an app built by your provider. Usually, the best solution is to use the provider’s app, since it will have features that your operating system doesn’t. For the ExpressVPN or NordVPN app, for instance, you can use the app to change your server (and with it, location) on the fly.
Providers encourage you to use their app, which might also be a sleek implementation of their own proprietary networking protocols (like NordVPN’s NordLynx, which is based on Wireguard). You’ll want to make sure that your potential provider has apps for devices that you use when selecting one. Another feature of the app to look out for is the killswitch, which will automatically stop networking services when you get disconnected from your VPN; this feature is really important because without it, you could start sending unencrypted traffic as soon as there’s a hiccup in the connection to your provider.
Two Top VPN Providers
ExpressVPN is a VPN provider that prides itself on speed and security. They were awarded a CNET Editor’s Choice Award for being one of the fastest VPNs, with good security and value. They were recently bought by a larger VPN provider, Kape Technologies, so some commentators have noted that their stellar privacy track record may not be an indicator of future privacy protections. The current price is very good, though: about $80 per year with three months free, at the time of writing. That also includes a year subscription to Backblaze as well, if you need a little backup space.
Another provider with a good privacy track record and speed is NordVPN. The real advantage for NordVPN, though, is its price. At around $80 for two years, NordVPN is basically half the price of ExpressVPN, while offering much the same experience. One criticism that usually comes up is that NordVPN has fewer client applications that can help you get connected quickly and easily. While I’ve seen other writers mention that NordVPN doesn’t have a client for Linux, for instance, a quick check shows that they do; they are, however, lacking apps for Playstations or some older devices.
Next week we will discuss Todyl which has a wide variety of security offerings including VPN capabilities!
-Written by Derek Jeppsen on Behalf of Sean Goss and Crown Computers Team