During the pandemic, a lot of non-IT people became aware of VPNs to facilitate working from home. They may also have set up a personal VPN or are thinking of setting one up. What I want to discuss here are some things you need to know before settling on a service.
What does a VPN do? Basically it creates an encrypted tunnel between your device and a remote server that your data flows through. When you utilize a VPN all of your web traffic is associated with the remote servers IP which makes it look like you are in another location, thus hiding your true location.
What level of privacy are you looking for? Do you use public Wi-Fi frequently or streaming services like Hulu or Netflix? You will be fine with a reliable provider. But, if you are trying to avoid Government surveillance you are going to have to use multiple tools such as a Tor Browser and The Onion Router and a few others. However, if you have been targeted by a State Actor, it won’t matter what you use.
“Zero Logs” means the provider does not keep “Usage logs” or “Connection logs.” Usage logs record your on-line activity like what websites you visit and the identities you use. Connection logs record the metadata about your connection such as the time you connect and disconnect, how often you connect, how much data you consume, nothing that will identify you. Most providers state this policy upfront, if you find one who doesn’t it’s best to stay away. But keep in mind, you can never be sure if they are tracking you or not.
What coverage does the provider offer? You may want to spoof your traffic as if it were coming from Europe, Asia or South America, if the provider does not operate in those areas then find another provider.
Free vs Paid service. VPNs are supposed to protect your privacy by making you anonymous on the internet. Some sites will log and then sell your data to the highest bidder, the worst offenders are the free services. This is not to imply that the commercial VPN vendors won’t track you and sell your data just that in most cases you get what you pay for.
How many and what type devices do you plan to use? Does the provider allow for multiple connections across disparate operating systems such as tablets, cellphones, and laptops? You may also choose to use a WRT-Router which will allow you to install a VPN onto it which will cover all your connected devices at once.
Does the provider offer a VPN kill switch? This feature adds another level security by immediately disconnecting you from the internet should your IP address change or you lose connectivity to your VPN Service. This will keep you from suddenly being trackable if something goes wrong.
Is Tech Support available 24/7? At some point, you may need it.
The bottom line here is to figure out what you need and your due diligence to find the vendor that meets your needs. By John McGaha, Enterprise Security Systems Engineer, AFSOC C2MS