If you’re interested in digital security and privacy, you’ve probably heard about VPNs. Yet many people I talk to are confused about what a VPN is, whether they should use one, and which one to use. I’m here to explain what a VPN is, when you should use one to protect your security and privacy, and how to choose one.
Are you in a hurry and looking for a VPN recommendation? Check these out:
ProtonVPN offers secure VPN through an encrypted VPN tunnel, so your passwords and confidential data stay safe, even when you are using public or untrusted Internet connections.
Private Internet Access provides state of the art, multi-layered security with advanced privacy protection using VPN tunneling. It helps block unwanted connections, hide your IP address, and defend yourself from data monitoring and eavesdropping.
When Do You Need A VPN Overview
Imagine you’re in second grade. You want to send a secret note to a friend across the classroom. You write your message on a piece of paper, then fold it in half. There are five kids between you and your friend. Do you dare pass it across the room?
That scenario is similar to unencrypted network communication. If you browse to an unencrypted website (if the address starts with http:// rather than https://), the traffic you send and receive can be seen (and stored) by anyone between you and the webserver.
This problem has become much greater with the massive increase in public Wi-Fi. When you’re sitting in a coffee shop, you’re sharing the Wi-Fi network with several others. When you’re in a hotel, conference venue, or other large gatherings, you could be sharing the Wi-Fi with hundreds of others. Anyone of them could be monitoring, collecting, and maybe even altering network traffic.
If you’re using an encrypted (HTTPS) website, the data you send and receive is encrypted, but your ISP (Internet Service Provider, such as Comcast or Spectrum) and others may still be able to see (and store) your DNS requests and other data, so they’d know that you browsed certain domains. For example, they can see that you browsed to DefendingDigital.com, but they can’t see which pages you read. Also, some websites encrypt the login page, but not the rest of the site. That will protect your username and password, but any data you send to and receive from the site after that will be visible to eavesdroppers.
I’ve been talking about browsing websites, but there’s a lot more we do online than browse websites. Think of the programs on your computer, or the apps on your mobile. You usually can’t tell if those are using encrypted connections, and many times, they aren’t. That means that here too your data could be seen by others using the shared Wi-Fi.
Videos That Demonstrate Public Wi-Fi Dangers
How to Improve Your Security And Privacy
Let’s go back to the second-grade classroom. Imagine that this time you write your message in a secret code. You then drop it into a long, clear tube, and the note slides down the tube past your classmates, and lands on your friend’s desk. When your friend gets the note, they pull out a decoder that allows them to read your message. Even if your classmates look through the tube and see your note, it looks gibberish. This is similar to what a VPN (Virtual Private Network) does.
What is a VPN?
A VPN sends your device’s Internet traffic through an encrypted tunnel between your device and the VPN service provider so that no one can see the traffic. That includes other people using the shared Wi-Fi, the ISP, and other parties that are between you and the VPN server you’re connected to. The VPN acts as a middleman, connecting you to the public Internet, giving you increased security and privacy.
Your VPN provider will have several exit nodes, which are the places that its servers connect to the public Internet. Your traffic beyond those exit nodes will traverse the Internet normally (the way it would if you weren’t using a VPN). If the traffic would normally be encrypted, it still will be. If it would normally be unencrypted, it still will be. If you need end-to-end encryption, you need to use sites and apps that use HTTPS or other end-to-end encryption, such as a secure messenger.
When you use a VPN, websites see you as having the IP (Internet Protocol) address of the VPN provider, rather than the IP address you’d normally have without a VPN. So when websites try to read your location, they’ll be inaccurate. If you use a VPN server that’s located outside your country, you may deal with website restrictions, especially related to streaming media or downloadable media, because such sites are often geographically restricted. If this is a concern, you may want to choose a VPN service that has servers in your country, and maybe even your state/province.
Because of how a VPN acts as a middleman, routing your traffic to potentially distant locations, you may notice a delay when using a VPN. That delay will vary based on the location of the VPN’s servers, and the plan you’re using.
Some websites are suspicious of VPN users (because VPNs can be used by people with malicious intent), so sites may challenge you with CAPTCHAs and other methods more frequently.
There are many VPN providers, which I’ll discuss in a couple of minutes. Some have free options, which are usually limited.
To use a VPN, you install the VPN provider’s app on any device you need it, whether a computer, tablet, or phone. Or, you configure the VPN settings in your device. Some routers can be set to use a VPN and route an entire home’s traffic through the VPN.
This FBI video briefly explains what a VPN is, and what to look for in a VPN provider:
When Should You Use a VPN?
There are several scenarios in which you should use a VPN.
You should use a VPN whenever you’re using someone else’s network (wired or Wi-Fi). In other words, when you’re not using your home Internet connection or your mobile/cellular data. You may use your mobile data directly through your mobile, or by connecting your computer to a mobile hotspot, or by tethering your computer to your phone).
If you’re concerned about your employer monitoring you, you can use a VPN at work. But, first ensure that this isn’t against your employer’s IT policies, or you could get into trouble (even legal trouble).
If you’re concerned about your ISP monitoring you, whether that’s your ISP at home, or your mobile data provider, you should use a VPN whenever you’re connected to that ISP.
Are you safe to use shared Wi-Fi without a VPN as long as you only browse HTTPS sites?
Not completely, because even when you browse HTTPS sites, the data you send and receive is encrypted, but your ISP and others may still be able to see your DNS requests and possibly other data, so they’d know that you browsed certain domains, even if they can’t see what you looked at on those domains.
Also, it’s easy for you to tell when websites use HTTPS, but it’s not always easy to tell if programs and apps are encrypting their connections. If they’re not, that traffic can be easily monitored by other parties.
Which VPN Should You Use?
Because your VPN has the ability, if they choose, to see all the network traffic you send through it, you need to trust it! Look for ratings, reviews, and recommendations from digital security and privacy experts.
Questions to Ask When Considering VPN Options
- What is the VPN provider’s reputation for security and privacy?
- Does the VPN provider keep traffic or connection logs? If the provider’s policies say they make data available to law enforcement, that means they log.
- Where are the exit nodes located?
- How fast is the VPN connection?
- How much data can you use each month?
- How many devices can you use on your account?
- What is the reliability?
- What happens when the VPN is unavailable? Will your device send traffic straight to the Internet (fail open), or will it completely stop sending and receiving traffic (fail closed)?
- What is the cost of the VPN service?
I like ProtonVPN. It has a free plan that has “Medium” speed (whereas their paid plans have “High” speed). Users of the free plan are put on separate servers that tend to be heavily used, though I’ve only had a few times that they’ve been so full that I need to switch to a different server. ProtonVPN’s apps are open source and have been audited by a third party. ProtonVPN is recommended by a few digital security and privacy experts I follow.
ProtonVPN offers secure VPN through an encrypted VPN tunnel, so your passwords and confidential data stay safe, even when you are using public or untrusted Internet connections.
I also like Private Internet Access (PIA), which is also recommended by a few digital security and privacy experts I follow.
Private Internet Access provides state of the art, multi-layered security with advanced privacy protection using VPN tunneling. It helps block unwanted connections, hide your IP address, and defend yourself from data monitoring and eavesdropping.
There are many other options. These are recommended by the digital security and privacy experts I follow:
- ProtonVPN (my #1 choice; listed above)
- Private Internet Access (PIA) (my #2 choice; listed above)
- TunnelBear
- Mullvad
- NordVPN
- ExpressVPN
- F-Secure FREEDOME
- OpenVPN
- TorGuard
- VyprVPN
You can find lists of VPN providers, and more details about them, in the Additional Resources section below.
When Do You Need A VPN – Final Thoughts
VPNs can significantly improve your information security and privacy, hopefully, this guide was able to help you identify if you’ll need a VPN or not. In case you do, then we highly suggest you consider getting a ProtonVPN as the company behind it is very trustworthy and reliable.
Additional Resources
- How to Choose a VPN for Digital Privacy and Security (consumerreports.org)
- VPN Services (privacytools.io)
- Detailed VPN Comparison (thatoneprivacysite.net)
- Choosing a VPN (thatoneprivacysite.net)
- Express VPN Review – check out ExpressVPN review here
What You Should Do
- Think about how you use the Internet. From what locations do you access it? From what devices?
- Research the VPN options that fit the use cases you’ve identified. Use the resources in the Additional Resources section above. See also the Questions to Ask When Considering VPN Options above. I like ProtonVPN and Private Internet Access (PIA).
- Sign up for the VPN service you selected.
- Install the VPN provider’s app on any device you need it, whether a computer, tablet, or phone. Or, configure the VPN settings in your device.
- Whenever you’re not using your home Internet connection or your mobile/cellular data, activate your VPN. When you no longer need it, you can deactivate it.
ProtonVPN offers secure VPN through an encrypted VPN tunnel, so your passwords and confidential data stay safe, even when you are using public or untrusted Internet connections.
Private Internet Access provides state of the art, multi-layered security with advanced privacy protection using VPN tunneling. It helps block unwanted connections, hide your IP address, and defend yourself from data monitoring and eavesdropping.
TorGuard protects you from hackers, net censorship, identity theft, and ISP's monitoring activities. It provides easy to use services that protect your online identity.
ExpressVPN hides your IP address and encrypts your network data so no one can see what you're doing. You can access any content, no matter your location using ultra-fast VPN servers.
TunnelBear encrypts your internet connection to keep your online activity private and anonymous. It's very easy to use for both consumers and teams.
Windscribe helps you browse the web privately as it was meant to be. It encrypts your web activity and blocks ads for a better web browsing experience.
SurfShark enables you to access the Internet anonymously. It prevents malware and phishing attempts, and blocks ads for a better web browsing experience.
NordVPN provides a secure VPN service for everyone. It keeps your data safe and helps keep your online identity anonymous.
One serious problem that many users experience using a VPN is that Microsoft Office applications cannot establish remote connections through most VPNs. Although I did hours of Internet research on VPNs for personal use before buying one (I chose NordVPN), none of the articles mentioned this important fact. Microsoft has introduced many new features into both Windows and their Office desktop applications to integrate them seamlessly with OneDrive, but none of them can connect to OneDrive through a VPN, and there is no specific commitment from Microsoft or any of the VPN providers to solving this problem. Also, the problem isn’t specific to OneDrive; Outlook cannot connect to a mail server through a VPN, either. I don’t know which VPN providers do or don’t have this problem, but my reading on the subject suggests that most, if not all, of them have the same problem. Put another way, I haven’t read about any VPN provider that doesn’t have this problem.
If you know something about this issue that I don’t, I would very much appreciate an update or correction. Otherwise, if you publish an article in the future about VPNs for personal use, I hope you will consider mentioning this as something a person should understand about using a VPN on a Windows device, especially if they’re using any Microsoft Office applications.
Ralph, thanks for reporting this, as I wasn’t aware of it. I just did some searching and see many have experienced the same problem with NordVPN and other VPNs. There’s an Office365 UserVoice idea with 130 votes to fix this. In my searching I found several suggested fixes, as well as people saying that NordVPN Support offered various solutions, some of which worked, while others didn’t. Here are some resources you may want to check out:
If you find a solution, please comment again to share the solution with others!