Hi, before we start straight into the inner workings of a VPN, I think it is a good idea to familiarize yourself with the basics of what a VPN is and what it does.
VPN stands for Virtual Private Network. As the name implies, it provides users with a virtual network that is private so that they can connect to the internet in a way that is safe and secure.
Essentially, the ultimate goal of a VPN is to keep your private information private.
We highly recommend you read to this whole article for a more in-depth explanation of what a VPN is.
But how VPN exactly do that?
How a VPN works
A VPN works by routing your device’s internet connection through your chosen VPN’s private server rather than your internet service provider (ISP) so that when your data is transmitted to the internet, it comes from the VPN rather than your computer.
The VPN acts as an intermediary of sorts as you connect to the internet, thereby hiding your IP address – the string of numbers your ISP assigns your device – and protecting your identity.
Further, if your data is somehow intercepted using Man in The Middle Attack, it will be unreadable until it reaches its final destination.
A VPN creates a private “tunnel” from your device to the internet and hides your vital data through something that is known as encryption.
The basics of VPN encryption
Encryption is the term used to describe how your data is kept private when using a VPN.
Encryption hides information in such a way (basically transforming it to gibberish) that it cannot be read without a very strong password, which is known as a key.
This key basically breaks the complicated code that your data has been turned into. Only your computer and the VPN server know this key.
The process of decoding your data is known as decryption, which is the process of making the encrypted information readable again through the application of the key.
As an everyday example, when you enter your credit card details into a shopping website, that information is encrypted and rendered unreadable until it reaches its end destination.
Different VPN services use different kinds of encryption processes, but put simply, the VPN encryption process goes something like this:
- When you connect to a VPN, it is through a secure tunnel where your data is encoded. This means that your data is transformed into an unreadable code as it travels between your computer and the server of the VPN.
- Your device is now seen as being on the same local network as your VPN. So your IP address will actually be the IP address of one of your VPN Provider’s servers.
- You may browse the internet as you please, safe in the knowledge that the VPN acts as a barrier, protecting your personal information.
How effectively your data is encrypted is dependent on the protocols of your VPN provider’s encryption mechanism, which we will talk more about later.
How much or how little your VPN affects your device will be dependent on the kind of software you opt for.
Many VPNs will work directly with the settings of an operating system – such as Windows, Mac OS, iOS, or Android – so that every app that connects to the internet – such as browsers, banking, or social media apps – are protected.
Standalone VPN Services
This is the VPN most commonly used by homes and small businesses, and it’s the type offered by Namecheap. It uses an application that creates an encrypted connection to the private network that you can then utilize to connect to the internet at large.
Some VPNs work as a browser add-on. There are a plethora of add-ons you can install to browsers like Google Chrome or Firefox, while Opera comes with a built-in VPN.
The downside of this is that your data will only be protected when you’re specifically using that browser.
Other apps will not be protected. Furthermore, browser VPNs tend to be a little more vulnerable and IP leaks can occur.
If you do decide to opt for a browser add-on or extension, it’s best to stick to reputable companies that offer other VPN services, too.
There are a lot of shady browser add-ons out there, avoid a scammy, data harvester by reading reviews and always reading the fine print of its terms of service.
Another way to implement a VPN is through a VPN-enabled router. This is ideal if you have several devices you want to protect as it will protect every device connected to the router, saving you having to install the VPN individually.
Furthermore, you’ll only need to sign in once; your router will always be connected to your VPN.
Connecting your router to a VPN isn’t as difficult as you may think.
First of all, you’ll need to sign up for a VPN service then you’ll need a router. The most convenient kind of router to get is one that is designed to support VPNs right away, without you having to do anything more technical that entering your VPN details. These routers can be slightly more expensive than regular routers, but the convenience is worth it.
Organizations often use a remote-access VPN for employees who work remotely. Through this VPN employees can securely access the company’s private intranet, often by using a password and an app. This is a custom-created solution that requires personalized development and heavy IT resources.
So we’ve discussed how a VPN works and some different ways to implement a VPN, but why exactly should you use a VPN?
What does a VPN do for you?
Most people will probably agree that the basic tenets of a VPN are a good thing. It’s vital to the success of the online world. That said, many people delay getting a VPN, considering it inessential or, worse, unnecessary. They shouldn’t.
A good way of illustrating the necessity of a VPN is to show just how exposed you are when your internet connection is not encrypted.
How data is transferred with and without a VPN
From shopping and paying bills to banking, so many everyday acts are rapidly moving online. As a result, we’re transmitting very important information, such as credit card details and social security numbers, day in, day out.
By not using a VPN, you’re not quite shouting your most sensitive information from the rooftops, but it is a little like leaving your front door open with your personal information conveniently laid out on a table right inside the door.
Maybe you have good, honest neighbors that won’t come in and take what is valuable. It’s natural to want to believe in the goodness of our neighbors.
That said, there’s a likelihood that one or two of those neighbors will have a more malicious intent. And even if there isn’t, do you really want to take that risk by not closing your door and locking it tight?
Think of the internet as a neighborhood, except instead of houses, there is a collection of servers. These servers store the internet’s countless websites and communicate with each other constantly and have access to your data as you browse the internet.
You may not care about some of this data, but you should certainly be worried about more sensitive data like your online banking details.
You might think that HTTPS does the job, but it’s ok.
For the uninitiated, HTTPS secures information communicated between a person’s web browser and a website. It is indicated in green the browser address bar and also by a padlock icon. While this does indeed provide added security while web browsing, your data will still be vulnerable, particularly if you’re using public Wi-Fi. Going back to our house analogy, it’s a bit like closing your front door but failing to lock it. It’s better than keeping your front door open, sure, but security definitely could be tighter.
Whether you’re connected to the internet in public or at home, without a VPN you are exposed to a myriad of vulnerabilities. When you’re browsing at home, your ISP can see everything you do and is probably logging it. Places with public WiFi hotspots, such as coffee spots and airports, are very vulnerable to hackers who can easily set up fake but convincing hotspots.
On the other hand, when you use a VPN, your data is not exposed. The origin of your data will be your VPN server. By using a VPN your online actions will not be tracked and logged by ISPs and unsavory hackers, nor will sensitive information be taken. Even if data is intercepted, it is encrypted, so it looks like nonsense to anyone without a decryption key.
Common reasons for using a VPN
People use VPNs for countless reasons. Some of these reasons are specific, while some people just have a VPN as another layer of security in addition to a good antivirus program and practicing generally sensible internet usage.
- As previously mentioned, a common reason to use a VPN is to prevent anyone – from ISPs to public Wi-Fi hotspots– from tracking what you’re doing online.
- Another reason many like to use a VPN is to gain access to region-restricted content, whether that be a TV show on your country’s Netflix, or to get around a certain jurisdiction’s internet censorship laws.
Ultimately, why people use a VPN is to have greater anonymity online. In a day and age where revelations of public data being used in shady ways have become a daily occurrence, keeping private information private is more vital than ever.
How secure is a VPN really?
Like with any online software or service, the security of a VPN will be reliant on a number of factors. In the case of VPNs, these factors include:
- The kind of technology the provider uses
- The laws of your jurisdiction
Let’s start by taking a look at the different kinds of VPN protocols available right now.
A VPN protocol is basically the technology your VPN service uses to ensure you get the fastest and safest possible connection to the internet. Combining encryption standards and transmission protocols, a VPN protocol determines how your data is transmitted between your device and the VPN server.
The main VPN protocols in use today are:
- Point-to-Point Tunneling Protocol (PPTP)
Created by Microsoft, this is one of the oldest protocols used on the internet today. As such, it’s only really useful if you are using it on an older Windows operating system, though it is fast and easy to deploy. However, if a VPN service offers just this, it isn’t recommended.
- Layer 2 Tunneling Protocol (L2TP/IPSec)
This protocol is a combination of the previously mentioned PPTP and the L2F protocol by networking hardware company, Cisco Systems. It creates a more secure data tunnel than PPTP, but doesn’t actually have encryption or privacy capabilities. As such, it is often bundled with IPSec, which is a security protocol.
- Secure Socket Tunneling Protocol (SSTP)
Another VPN created by Microsoft, this is the VPN equivalent of the protocols used by websites for encryption purposes. A very secure protocol, only the two parties involved in the transmission of data can decode it.
- Internet Key Exchange, version 2 (IKEv2)
A newer, more secure version of L2TP, IKEv2 was also born from a collaboration between Microsoft and Cisco. Like it’s predecessor, it is often bundled with IPSec. This protocol is particularly effective on mobile devices.
OpenVPN is an open-source VPN technology and is widely seen as the best around. Don’t let the term “open source” put you off, all that means is that countless developers are constantly improving the technology, and anyone can use it and modify it to their needs, whether that be individuals or companies. Its effectiveness has been put to the test numerous time through high-profile audits. OpenVPN is one of the most popular protocols and is considered the most secure, offering the same protection as the previously mentioned protocols, but on a greater scale.
Before deciding on what VPN provider to go for, it’s a good idea to see what protocols they offer and if they suit what you will be using your VPN for.
The law and VPNs
The security of your VPN may very well depend on the laws of the country you’re residing in or the laws of the country where your VPN’s server and company headquarters are located. This is because the laws of a particular country will affect how you are allowed to use VPN technology and how different companies are permitted to use VPN technology.
Because the laws surrounding VPN usage are still somewhat new and still evolving, they can be interpreted in innumerable ways. If you are located in North America and western Europe, VPN use is generally permitted. VPN usage is a somewhat gray area in many countries, such as China, Iran, the United Arab Emirates, and Russia. While VPN use is not outright illegal in some of these countries, VPN use is restricted.
For instance, in China, it is illegal for businesses to use a VPN without a license and it is illegal for businesses to offer VPNs without a license. In Russia and Iran, only government-approved VPNs are allowed to be used. In United Arab Emirates if you are found to have the fraudulent IP address you could be fined or jailed. VPN use is banned completely in Belarus, North Korea, Iraq, and Turkmenistan.
If you reside in a country where the law around VPN use is unclear, even if you’re not necessarily accessing content that is frowned upon or illegal, the act of using a VPN in itself could get you into a lot of trouble.
Depending on the country a VPN provider is located in, the company may be legally required to keep logs of your internet usage. They may also keep a record of your payments. This means that even though you have been using a VPN, your data is still being stored and could even be used for reasons you did not approve of later on.
Avoid this by always reading the fine print in your VPN’s Terms of Service. A VPN may wax lyrical about providing you with the ultimate secure internet browsing experience, but it’s better to be certain than to go just by their word.
As well as that, a good rule of thumb is to opt for a paid VPN rather than a free option. While many free VPNs can change your geolocation, few offer proper data encryption and data logging is common, with companies often selling your data to third parties.
Key considerations before choosing a VPN
Hopefully, you now have a better idea of how a VPN works. Before we send you on your merry way, here’s a checklist of things to look out for before you choose a VPN:
- Is it free or paid? – When it comes to a secure, speedy service, it really is worth it to pay for a VPN. Many free VPNs tend to offer only the PPTP protocol which, as we said earlier, really isn’t very effective these days. They have fewer server locations and less bandwidth to offer. Very often with these free options your data is tracked and sold to third-party businesses. Paid VPN options more often than not have more powerful security protocols on offer than their free counterparts. A good paid VPN should have more server locations and more bandwidth, providing you with a faster service. They will also have customer support on hand if you run into any issues.
- Are VPNs legal in your jurisdiction?
- Where is the VPN server located?
- Does the company log your activity?
- Does it protect your whole device or is it just an add-on?
- What are the protocols of the VPN’s encryption mechanism?
- The number of servers and amount of bandwidth a VPN service has – if both are low it could make for a very slow web-surfing experience.
When is a VPN necessary?
It’s really a no-brainer when it comes to internet security. Erring on the side of caution is the wisest decision. But when it comes to how to set up a secure connection, simplicity for the user is also key. VPNs are easy to set up, and easy to use.
From the average internet surfer to small business operator, this added element of protection will put your mind at ease. Getting into the practice of adopting new methods that will secure your data is highly recommended. Take a look at all the reasons you need a VPN and how they apply to your online activity.
You use Public WiFi frequently
You’ve probably heard by now that public WiFi is a hangout paradise for hackers. Therefore, why would you entrust your internet connection to a cafe, an airport, a hotel lobby or even an AirBnB? Hotspots are weak on security so they can offer a wide public access, but the average user has no idea who owns the connection, or who else is using that connection at any given time.
If you’ve signed on at your local Starbucks, your computer is broadcasting to everyone else on that network that you’re online too. A hacker can eavesdrop on that activity and exploit or alter your data.
You shop or bank online
Like most people these days, you’re probably logging onto your bank account online instead of going into a brick-and-mortar office during working hours. Your credit card information and banking passwords are extremely vulnerable whether or not you’re logging on using a public WiFi or your home office.
You may be asking yourself why a VPN is needed if HTTPS connections are secure. HTTPS secures your communications between you and a particular website. That website still knows your ISP, but a VPN hides your ISP.
A VPN encrypts all traffic between you and the internet, including sites that may not use SSL encryption, not just one website like HTTPS.
Therefore while HTTPS uses a secure protocol, it is limited to the website itself, whereas a VPN covers you for your entire online usage period no matter what websites you’re reading, purchasing from, or working within to share data with colleagues.
It is not exaggerating to say that conducting any financial activity online without a proper security strategy in place is naive at best. Shield your private banking and purchasing information form thieves with a VPN.
You work remotely
The benefits of the modern age of technology are vast, but a standout is the ability to work anywhere in the world, at any time, without the need to walk into a corporate office and sit in a cubicle all day. Advertising executives, sales teams, conference leaders and more can check in to work, host meetings or send presentations from anywhere.
Given this ease of communications, security is the one key element that you need to conduct business on-the-go.
It’s not surprising that more and more globally distributed teams are required to use a VPN to access company data remotely. The office server holds proprietary information relevant to that company and therefore they’ll want to be protected when their employees are accessing work remotely.
VPNs for large companies require customized solutions from large-scale providers, so they may not be in reach for most people, but a solution like Namecheap’s allows smaller offices to keep internal data private.
You care about your customer’s data
Given that employees working remotely at global corporations use company VPNs, this should inspire small business owners and freelancers to follow suit. You may not need your own custom-built VPN solution yet, but as a business owner you should be using a VPN whenever handling correspondence, and you should insist that those you work with take similar steps.
Using a VPN to keep client information such as addresses and payment methods secure is a simple way to ensure that your reputation stays secure.
SSL vs VPN
HTTPS vs. VPN is a battle that makes very little sense. Both are important means of internet protection, and there is absolutely no conflict between the two.
HTTPS and VPN similarities and differences
Importantly, HTTPS is set by the owner of the website, and the user has no control over it. Some sites are available via HTTP and HTTPS; in these instances, always opt for HTTPS. To see if the site you are browsing has HTTPS enabled, look for a green lock on the left-hand side of the browser (URL) bar.
HTTPS provides authentication of the website and its associated web server, which protects against man-in-the-middle attacks. Additionally, it encrypts communications between a client and server, which ensures the communications between a user and website cannot be read or forged by any third-party reader.
With HTTPS, nobody in between the website and the user can read the data, not even a VPN company.
A VPN is set up by the user and works on every website or application online. A VPN creates a secure tunnel between a computer and the internet, allowing anonymous browsing. A VPN gives users the ability to appear to be anywhere they choose and will circumvent any internet restrictions in place.
When you are connected to a VPN, your ISP only sees that encrypted traffic is passing through VPN servers, but it cannot decipher the data or know which websites you have visited.
HTTPS will encrypt information you enter into a website, but it won’t disguise your location or offer any privacy protection. It will also not offer any defense against internet censorship.
A VPN will encrypt communications between your computer and the VPN servers, hide your IP address and location, and grant access to the whole web, but it won’t protect you from the information you share willingly, like a credit card number typed into an unsecured browser page.
In short, HTTPS is a fantastic encryption protocol, and a VPN is a must for the privacy-conscious and those who wish to view the whole internet without restrictions. It’s not a case of VPN over HTTPS. The two work well together—a marriage made in cyber heaven.
Famous Free and Premium VPN Softwares
Windscribe is our top pick for the best overall free VPN. With a generous data cap, excellent speeds, decent server choice, and a strict no-logging policy, this is the best all-around free VPN that you’ll find.
Most free VPNs place a limit on how much data you can transfer per month, and some also cap how much you can transfer per day. Windscribe has a fairly generous cap that allows 10GB of transfer each month, with no daily limit.
If you’re brand new to the world of virtual private networks, TunnelBear is the VPN that you’re looking for. VPNs don’t get any easier to use than this, and you can get up and running almost instantly even if you have absolutely no prior experience.
Virtual private networks usually slow your connection down, and free VPNs sometimes place artificial limits on your connection speed. Speedify bucks that trend, as their turbocharging technology can actually increase your connection speed in some cases. This feature is available in the free version of the service, which is why it’s our top pick for speediest free VPN.
If you use a lot of data on a lot of different devices, Hotspot Shield is a great free VPN with a generous data allowance. Free users are provided with about 15GB of data per month, which beats out most of the competition, and you can use the service on up to five devices.
Hide.me is the free VPN that takes our pick for the best privacy and security. They feature a strict no-logging policy, and they’re located in a jurisdiction that can’t legally force them to record your data. They also feature a high level of encryptionfor a free VPN.
Most free VPNs, and even some paid VPNs, block BitTorrent. Others only allow P2P connections on a limited number of servers. SurfEasy is an alternative that allows P2P connections without upgrading to a premium plan.
SurfEasy free accounts are fairly limited. Free users are limited to 500MB of data, can only connect to servers in four countries, and don’t get access to any of SurfEasy’s advanced protections and features.
Paid users gain access to additional torrent protection, which further hides your identity when using P2P connections, but free users aren’t blocked from torrenting. Free users can also gain access to additional data, from time to time, through promotions that SurfEasy runs.
In addition to working with BitTorrent, the free version of SurfEasy is sometimes also capable of unblocking Netflix, which is rare for a free VPN.
SurfEasy is available on Windows, macOS, Android, iOS, and they also have plugins for Chrome and Opera.
We tried to give you some information that most of the time new users want to know. If anything that should be in this guide is missing, please let us know via your valuable comments.