Virtual Private Networks (or VPNs) have long been a favourite of the enterprise IT world, because they give employees a completely secure way to connect to their office networks from anywhere in the world.
But increasingly, consumers are jumping on the VPN train too, thanks to the additional privacy that VPNs offer -- sometimes you just want to surf the web anonymously. Now that it turns out almost any Wi-Fi network can be hacked, if you haven’t considered using a VPN, you should start; it’s one of the few ways to keep your private info, well, private.
Before you subscribe to a VPN service, there are a few things you need to consider beyond price -- the cheapest service may not the best one for you…
VPN 101
Think of a VPN as an invisible tunnel you create between a device and the company that provides the VPN service. Once the tunnel has been set up, every single bit of information that is sent from or sent to your device, goes through that tunnel.
"Think of a VPN as an invisible tunnel you create between a device and the company that provides the VPN service."
The only people who can see that info, are the ones at either end of the tunnel -- everyone else just sees a bunch of meaningless packets of data. Even your ISP doesn’t know what’s inside those packets. Could be email, photos, videos, or torrent downloads… only you and your VPN provider will know. It’s not an absolute guarantee of privacy and security, but it’s the very best protection you can get as a consumer.
VPN vs. DNS
You may have heard people talking about DNS services like Unblock.US, which you can use to get around geofences for services like Netflix and Hulu (though this is getting harder all the time). A DNS service like this is similar to a VPN service in that it routes your internet traffic through a 3rd party I.P. address, making it look like your device is in a different location.
But the traffic itself is not secure. Your ISP would still be able to see it, as would any other party who had the tools to intercept it. A VPN service can secure your information and run it through a different location if you want -- and if the VPN company offers this as an option.
Will it support all of your devices?
Whether it’s for additional privacy or security, any device that connects to the internet should be able to use your VPN. These days, this can include laptops, tablets, smartphones, set-top boxes, smart home devices, e-readers, webcams, and many more. If you want each one to communicate through a VPN, there needs to a way to set that up in the device’s settings.
For sophisticated devices like smartphones or laptops, you can usually download an app from your VPN provider that will take care of creating the secure tunnel once you sign in.
For other devices, it’s less easy. There are no VPN apps for Apple TV, for instance, which means that if you want to secure this device, you’ll have to set the VPN up on your home Wi-Fi router. Similarly, most streaming devices like Nestcam, Sonos, or Roku, do not have any way to natively run their traffic over a VPN.
Ok, so I’ll use my router
Yes, in an ideal world, every Wi-Fi router would be equipped with an easy to use software setting that let you choose your VPN provider, provide your account credentials, and voila, your whole home network would now be safely running via a VPN.
Unfortunately, support for VPN services varies dramatically from router to router, and between manufacturers. The older the router, the less likely it will support your chosen VPN provider. Then there’s the set-up. For people who don’t mind getting their hands dirty and adjusting the advanced settings on their routers, this is fairly straight-forward.
"Setting up VPNs on existing routers can be so tedious."
But again, due to the vast array of routers out there, even if you follow these steps, it might still not work. To further complicate matters, if you use the modem provided by your ISP as your Wi-Fi router, it’s highly unlikely you’ll be able to set up a VPN on it at all.
Setting up VPNs on existing routers can be so tedious that many VPN providers offer Wi-Fi routers that have been pre-configured and are guaranteed to work with their service. These are just off-the-shelf routers, but some have been updated with third-party firmware that makes it easier to install the VPN settings.
They’re more expensive than simply buying the same router yourself, and because the firmware is no longer that of the manufacturer, it will be up to you to make sure it remains up to date -- after all, even routers running VPNs can be become compromised if a flaw in their firmware is discovered.
Do you already VPN?
We discovered, quite by accident, that installing a VPN service on our home router made it impossible for my wife to use her company VPN software on her laptop. This scenario is called a double-VPN, and while not uncommon, it can be painful to troubleshoot when it doesn’t work.
You could find yourself stuck between two tech support groups, each one blaming the other’s system for the lack of compatibility. Given that your employer isn’t likely to change their VPN to make you happy, you’ll be on the hunt for another VPN provider.
Sawing logs
Some VPN providers keep account and activity logs, just like ISPs do. If you’re only using a VPN to get around geographic restrictions on streaming services, this might not matter to you. But if you are concerned about anonymity -- whether for legitimate or not-so-legitimate activities -- you’ll want to make sure that no one can show up at your VPN’s provider’s doorstep with a court order to see what you’ve been doing.
There are plenty of VPN services that guarantee no logs of any kind are kept, and that’s your best protection from those who want a closer look at what you’re doing. Keep in mind, whether or not the VPN service keeps logs, your actual data is still encrypted and secure.
Room for growth
A VPN service is a lot like an ISP, in that the company needs to provide adequate resources on its end, otherwise, you’ll end up with painfully slow -- or non-existent -- connections.
Because a VPN tunnel needs to connect to a physical server, and physical servers can only support a finite amount of tunnels at once, your VPN provider needs to have servers in your geographic region of choice with sufficient capacity.
"Geography can also make a big difference in how your VPN performs."
Moreover, these servers need to be configured to support the kind of activity you want to do. General web surfing and email had very different bandwidth and session requirements than streaming video from Netflix, which is again quite different from doing P2P file sharing or torrenting. Make sure your VPN provider can support your desired use cases, otherwise you could end up with a poorly performing connection.
Where’s Waldo?
Geography can also make a big difference in how your VPN performs. Generally speaking, you want to connect to a VPN server that is physically close to your ISP. If your VPN server is in Hungary, and you live in Toronto, expect a much slower connection than if the server is in Ottawa. A server located in the same city will provide the fastest connections, assuming it isn’t already at maximum capacity.
You may be willing to trade a slower connection for the benefits of a foreign IP address when it comes to privacy, but if you use a VoIP service, like Ooma or MagicJack, you could see dramatic drops in call quality as your voice connection gets routed halfway around the world before getting to where it needs to go. For now, there aren’t any routers that let you choose which traffic runs through your VPN -- it’s all or nothing.
The point is this: Know your geographic needs and whether or not your chosen VPN service can accommodate them.