It seems like everyone offers a Virtual Private Network (VPN) service these days. With the rising demand for true anonymity on the internet, service providers with suboptimal routing pathways, and increased demands for privacy and security, just about everyone recommends the use of a VPN. Whether you're new to the concept or you've been operating from a proxied IP for years, verifying and ensuring the security of your connection will always be a top priority.
Some of the responsibility for a secure VPN rests in the hands of the service provider. There are steps that the provider can take to ensure “true” anonymity and security. The other half of the equation rests in the hands of the VPN user. There are a variety of settings, protocols, and options that can be configured to provide the maximum amount of security and privacy on most VPNs.
What makes a VPN service secure?
When evaluating the security of a VPN service and its connection, you're going to be looking for a few things:Administrative Logging:
- Administrative Logging: Whether or not your IP and its activities are logged and stored by the VPN service. Different services will have different policies on this, and just how secure your privacy is will vary from service to service. Some countries impose additional restrictions on the number of days logged for VPN activities, while others may have no restrictions.
Tunneling Protocol:
- Tunneling Protocol: Different protocols offer different amounts of encryption security and connection speed. Services that offer a variety of protocols are going to be more flexible and allow you to select the connection protocol that fits your own security vs. usability needs.
Consistent Connection and Uptime:
- Consistent Connection and Uptime: For most paid services, this won't be a concern, but every VPN suffers the occasional drop in connection or a server down. In order for your location and activity to truly be protected, you need to have a constant connection to the service itself. Whenever your connection drops, you fall back to your own personal internet connection. There are ways to mitigate the privacy impact of this loss in connection, but the first line of defense is a good service provider with a high percentage uptime and a consistent connection.
Selecting a good VPN (like Surfshark) with strong security policies and a verified track record is important, and ensuring you look carefully at each services' offerings is the first step in securing your VPN connection.
A closer look at VPN service security
Logging Policies
This may be the most important aspect of privacy and security when it comes to your VPN service. The entire idea behind running your connection through a VPN is to maintain anonymity and drastically reduce the likelihood that your activities or identity can be obtained by malicious individuals. The most effective way for a service to provide this level of security is to maintain zero logs on your activity.An actual “zero-logging” policy is virtually impossible to find. It's the nature of networking that some activity needs to be logged in some capacity for service and diagnostics. You're going to be looking for a service that has a minimal amount of logging and concrete policies on the way this information is handled.
Again, this can vary based on the country the service is located as well as the policies of the service itself. While searching for a VPN, you'll want to carefully examine the Terms of Service for each provider. Look for specifics on how long your information is retained, what is logged, and in what situations this information can be provided to others. This includes official requests from government agencies. The less information that can be given and the shorter it's retained the better.
Protocols
Most VPNs will offer multiple tunneling protocols to connect to their service. The popular options are Point-to-Point Tunneling Protocol (PPTP), Layer-2 Tunneling Protocol (L2TP), and OpenVPN. Each has its own advantages and disadvantages, and you'll need to select a service that offers the protocol that fits your needs.PPTP connections are fastest, but also offer the least amount of security. For a large number of users, this may even be the preferred choice because its lower security overhead provides faster data transfer. If you're seeking a more secure option, take a look at the other protocols.
L2TP is going to be the slowest but offers strong security. Its speed is lessened by the slow encryption used by the protocol, resulting in a trade of raw speed for security.
OpenVPN creates a balance between security and speed. It's fast enough for the vast majority of users and also offers comparable security to the L2TP protocol.
Connection and Uptime
Networking is not an exact science. Switches can die, the software can have bugs, and data can slow to a crawl. A service provider with a well-established networking infrastructure will be able to get around most of these events and provide consistent uptime to their customers.For the majority of paid services, uptime shouldn't be much of a concern, but it's always worth looking for more information on how a service is performing in this regard.
How to secure your VPN connection
Once you've selected a service, there are a few simple steps you can take to further reduce the risk of your privacy being compromised. These solutions will generally be configured through the application provided to you by your VPN service, or through a third-party application if you've chosen to not use your service's software.DNS Leaks: Whenever you're on the internet, your computer uses a DNS server to translate web addresses into IPs it can connect to. When you're connected through a VPN, these requests should originate from the location of your VPN. Sometimes you can get a “leak” in DNS resolutions that cause your requests to come from your actual location instead of your VPN. There are websites and applications that can help you monitor for DNS leaks. Many VPN providers and applications give an option to monitor and correct DNS leaks. Check your configuration options and be sure any setting related to monitoring or correcting these leaks is turned on.
IPv6 Leaks: Similar to IPv4, but with far greater address space, IPv6 is used to assign addresses to devices on the internet. The vast majority of the internet is still using IPv4 but sometimes your IPv6 address is used instead. This address may not be protected by your VPN. To stop these leaks, simply disable IPv6 in your VPN applications settings.
VPN Kill Switch: Sometimes you may lose connection to your VPN service. When this happens, your activities become completely unmasked. To prevent the loss of privacy from losing connection to your VPN, go into your connection applications settings and turn on the kill switch feature. This may be labeled differently depending on how you are connecting to your VPN, but you're generally looking for the setting that will disconnect you from any connected servers if your VPN loses its connection.
Test your IP: A simple solution for verifying that your VPN is working properly is to simply go to a website that will tell you your IP. You can find a range of these on the internet, including ones found on speed test sites and major internet service providers. Just look to see if the listed IP is your actual IP or not.