0
You’ve heard the advice before: Whether you’re in the office or on the road, a VPN is one of the best ways to protect yourself on the internet. But how effective are VPNs? What’s the best one for you? What are the downsides? Our executive guide aims to answer all your VPN-related questions — including a few you probably haven’t thought about before.
What is a VPN?
VPN is an acronym for Virtual Private Network. The purpose of a VPN is to provide you with security and privacy as you communicate over the internet.
Read also: Online security 101: Tips for protecting your privacy from hackers and spies
Here’s the problem with the internet: It’s inherently insecure. When the internet was first designed, the priority was to be able to send packets (chunks of data) as reliably as possible. Networking across the country and the world was relatively new, and nodes often went down. Most of the internet’s core protocols (methods of communicating) were designed to route around failure, rather than secure data.
In fact, the applications you’re accustomed to using, whether email, web, messaging, Facebook, etc., are all built on top of that Internet Protocol (IP) core. While some standards have developed, not all internet apps are secure. Many still send their information without any security or privacy protection whatsoever.
This leaves any internet user vulnerable to criminals who might steal your banking or credit card information, governments who might want to eavesdrop on their citizens, and other internet users who might want to spy on you for a whole range of nefarious reasons.
A VPN creates a private tunnel over the open internet. The idea is that everything you send is encapsulated in this private communications channel and encrypted so — even if your packets are intercepted — they can’t be deciphered. VPNs are very powerful and important tools to protect yourself and your data, but they do have limitations.
Read also: VyprVPN: Golden Frog’s VPN delivers high-performance, anonymity, and flexibility
How does a VPN work?
Let’s start with the basic idea of internet communication. Suppose you’re at your desk and you want to access a website like ZDNet. To do this, your computer initiates a request by sending some packets. If you’re in an office, those packets often travel through switches and routers on your LAN before they are transferred to the public internet through a router.
Let’s talk about what happens when you use a VPN app on your computer or mobile device. Any VPN app will require an existing network connection to be able to connect to the VPN service provider. This means that even if you set your VPN app to automatically launch when your device boots, there will be a period of time when your computer is connected to the internet directly, not through your VPN.
It is possible for some background services to send information across that initial, unsecured connection before the VPN loads. To be fair, the risk is relatively minor for most usage profiles. If you’re establishing a connection automatically to your corporate server, you will definitely want to check with your IT team about how they want you to set things up.
If you are interested in an added level of protection, there are intriguing gadgets called Tiny Hardware Firewalls. These devices range from about $30 to $70 and connect via a network port or a USB slot to your laptop. They make the initial network connection, and so your computer’s communication is always blocked before it calls out to the internet.
Read also: Net Neutrality is gone. Welcome to the Biased Net
Should I use a VPN on my phone or tablet?
Both Android and iOS come with basic VPN capabilities to allow you to securely connect to your corporate networks. Your IT organization will generally advise you when you should use this feature, but as we’ve discussed, when away from your home or office, and especially if you’re using an open Wi-Fi connection, you should.
If you’re connecting to web applications like email or Facebook, you should consider using a VPN service — particularly if you’re connecting via an open Wi-Fi network. Most good VPN services offer both iOS and Android clients.
Read also: Welcome back, sneakernet: Why net neutrality repeal will drive us to the edge
Do I need a VPN if I’m connecting my phone via LTE?
That depends. Once again, your corporate IT department will let you know their policy for connection directly to their corporate network. Usually, you’ll use the VPN client built into your device’s operating system for that.
But here’s the thing: It’s up to how much you trust your carrier, where you’re located in the world, and how secure you want to be. In the US, the carriers (net neutrality notwithstanding) can generally be relied upon to provide a secure connection from your phone to their network.
That said, it is possible to compromise wireless phone service with a man-in-the-middle attack. This situation occurs when a malevolent actor places a device designed to confuse your phone and cause your phone to connect to what it thinks is the phone network, but, in fact, it’s a device designed for spying.
Outside the US, it really depends on what country you’re in. If you are really concerned about security, simply avoid bringing any devices into a foreign nation that you intend to use after your trip. Those devices can be compromised in country or during customs inspections.
Likewise, if you’re connecting via a nation’s local carrier, that carrier may be intercepting your traffic, particularly if you’re a non-native of that nation. In that situation, if you must connect back to applications and services at home, using a VPN is quite literally the least you can do. Also, keep in mind that if you use your phone’s hotspot to connect your computer to the internet, you’ll want to use a VPN on your computer as well.
Finally, it’s worth reminding you, as we covered earlier in this guide, that some countries consider VPN use illegal. If you’re planning on traveling, be sure to research local laws exhaustively.
Read also: China shores up Great Firewall by going after VPNs
What happens if a VPN connection fails while I’m on a remote connection?
A lot depends on what VPN you’re using, how it’s set up, and where you’re connecting. That said, let’s look at the most likely scenario.
Recall that when you’re online and connected to an internet application through a VPN, there are a few things happening: Your data from your computer to the VPN service is encrypted by the VPN. Your data from the VPN service to the internet application may or may not be encrypted via https, but it’s not encrypted by the VPN service. And your IP address is spoofed. The online application sees the IP address of the VPN service, not of your laptop.
When a VPN connection drops, you might just lose your connection. But because the internet is very good at routing around failures, what is more likely to happen is your computer will reconnect to the internet application, simply bypassing the VPN service. That means that — on failure — your local IP address may “leak out” and be logged by the internet application, and your data may be open to local Wi-Fi hackers at your hotel or wherever you’re doing your computing.
There is a reasonably robust solution to that problem, and that’s next.
Read also: Google lifts lid on FBI data requests: Now you can read actual letters online
What does a VPN kill switch do?
Put simply, a VPN kill switch kills your internet connection if it detects that your VPN’s connection has failed. There are generally two types of VPN kill switches.
The first runs in the VPN client app on your computer, so if the VPN connection fails while the VPN client app is running, that VPN client app can turn off the computer or mobile device’s internet connection. However, if your VPN connection has failed because the VPN client app itself crashed, then the kill switch may not work, and your IP and data may leak onto the internet.
The second type of VPN kill switch is at the operating system level. These are usually driver-level systems that run whether or not the VPN application is running. As such, they provide a bit more protection for your surfing activities.
Given that so many VPN products we reviewed in our directory support a kill switch, we recommend choosing a client with a kill switch feature. There may be a slight annoyance if you lose your connection, but that’s more than made up for in the added security.
Read also: Internet censorship: It’s on the rise and Silicon Valley is helping it happen
What do all those protocol names mean and which one should I choose?
If you’ve been shopping for a VPN service, you’ve undoubtedly come across a bunch of names like SSL, OpenVPN, SSTP, L2TP/IPSec, PPP, PPTP, IKEv2/IPSec, SOCKS5, and more. These are all communication protocols. They are, essentially, the name of the method by which your communication is encrypted and packaged for tunneling to the VPN provider.
For a more detailed review of each, visit our 2018 VPN directory.
Previous and related coverage
A flaw in Hotspot Shield can expose VPN users, locations
The virtual private network says it provides a way to browse the web “anonymously and privately,” but a security researcher has released code that could identify users’ names and locations.
Want more privacy online? ProtonMail brings its free VPN to Android
ProtonVPN comes to Android, promising no malware, no ads, and no selling of user data.
Russia copies China’s VPN crackdown
The president has tightened up Russian internet access laws by prohibiting the use of VPNs.
Related Topics:
Networking
Security TV
Data Management
CXO
Data Centers
0