datahacker Blog

Is Your VPN Helping or Hurting You?

If you could sum up the purpose of a Virtual Private Network (VPN) in one word, what would it be? My choice: Integrity.

Of course, I'm talking about data integrity. But, what about the integrity of the VPN itself? Not all VPN methodologies are equal. There is no operating standard; no governing body of VPN certification. None exists. In spite of ample marketing hype found in various forums, VPNs remain firmly in the Wild West of the Internet.

How VPN software is designed and operated very much impacts the integrity of data it is ostensibly assigned to protect. This means - at least in my humble opinion - anyone contemplating using a VPN ought to have a rudimentary understanding of how they function and in particular how one's chosen VPN software works.

Not clear on what a VPN is exactly? Check out my related article, What Is a VPN?

What is a VPN "Provider?"

A VPN "provider" is an organization that provides a VPN service. A VPN service consists of a client software solution end users may utilize (i.e. supports their hardware and operating system), and a remote VPN server the client software connects to in order to establish a VPN connection.

From a practical perspective, a VPN provider is really selling just the server side. You don't need a provider. You can create your own self-contained VPN by standing up a VPN server and a corresponding client. Most people sign up with a provider, who handles the server side of the equation, and use whatever client-side application the provider indicates. Sometimes this is a proprietary system, and sometimes it's an open source solution. It all depends on the provider's choices. Either way, the user is "locked in" to a particular application or choosing from a list. This is not inherently a bad thing. The crucial factors are which choices are available to the user for client software, whether those choices meet their needs, and whether the provider's security practices align with the needs of the end user.

Caveat Emptor

There's a lot of marketing hype for various VPN providers. This is understandable, speaking from experience as an entrepreneur. You need a good marketing plan to stay in business. Putting capitalism aside, it's important for a potential buyer (user) of a VPN to understand what they are purchasing.

Common Cause

VPNs all have the same goal: creating a secure "tunnel" to transmit data. The notion of a "tunnel" is a metaphor to visualize how the real data is contained inside a secure wrapper. Data is encrypted and decrypted on either end (client/server); very similarly to HTTPS and FTPS (Secure File Transfer Protocol) connections.

Outside of that common goal is where things diverge between VPN providers. As the saying goes, "The devil is in the details."

Decision Making Resources

Not sure if you need or want a VPN? Not sure which provider is the best choice for your needs? Check out my articles below that cover these important topics: