True Secure Worldwide access – Personal VPN's!
Share
Yoooooooooo! How are my Security Santas recovering from the holidays? Santa this year gave me what I wanted most...a wonderful time with family with zero Sev 1's reported in any of my domains! YAY!
Man, I love Santa!
Todays post I wanted to focus on something other than AI. Did I just hear a cacophony of boo's? Bah... I know AI is the "new hotness" but researching AI gets suuuuuuuuuper boring for me sometimes. Even though AI might be the "Ribeye meal with all the fixin's", sometimes you just want a burger! So lets burger this up a little!
VPN's...what are they and what do they do? Well, the basic definition is they are virtual private networks (VPN)...what this means in English is simply...they allow you secured and encrypted communications between you and whomever you are connecting to. Originally intended to allow you secure access to your companies files and servers, VPN's have grown into a life of their own allowing you secure access to global sites that might be regionally blocked off to you. They allow you to surf without worrying about your ISP being able to snoop what you are looking into. They allow for travelers to securely access their data when travelling and connection to airport WIFI's which are by definition sus! Some even allow you to block ads as part of their offering. For grayhats, they allow you to test security as if you were attacking from far off lands! Long story short, you want a VPN...you need a VPN...a VPN will complete you! Awwww, how sweet...and we aren't even close to Valentines day yet! Lol!
Some of you might think that your companies VPN connection might protect you...and it just might. This being said I want to advise that there is a thing called "Split-tunnels"...what split tunnels do is only protect the access to the companies data...all other data goes through your normal internet. Essentially, you have split in your secure tunnel, only protecting some traffic and not all traffic. So if you have thought that you were protected by your companies VPN while surfing the internet might not really be protected if the admin set it up to allow for split-tunnels.
Why do Admins do this horrible thing? Speed...if they didn't then all your traffic would route through their proxy and if that proxy is in, lets say, Los Angeles and you are traveling in the UK trying to surfing the local yelp, then your requests travel all the way to LA before hitting yelp if split-tunneling is not turned on. That's usually the reason for split tunnels...there's cost implications, probably a few more, but speed and cost are the two biggies we normally see.
Another reason why not to fully utilize the corporate VPN is that all of that traffic you log while surfing at home, if done through a VPN that does not enable split tunnels is captured on your corporate systems...this being said, there is no IT person on this planet that I know who has time to arbitrarily search those logs, its still a little unnerving to have the fact that you watch "My Little Pony" reruns incessantly...what? Don't judge me. 👀
This is why we need our own VPN's...to protect our surfing from prying eyes when we travel and at home. It also has an added benefit of being able to block ads and <cough> watch "Rick and Morty" reruns which for some reason are not available here! Come on Netflix, get it together!
LEGAL DISCLAIMER: Using a VPN to bypass geo-locking on any website will break the terms of service...so you "really shouldn't" do it. Its a "bad precedent" to set and you should "play fair" with those "service providers"...oh man, I feel like I need a shower after that last bit. Any who, back to breaking geofencing...erm, I mean, back to protecting yourself using VPNs!
So now that you want to get yourself a VPN, the question becomes...which one?
First off, don't use a free VPN. No. Nope, Nein. Le Nope. Não. 不 (Simplified Chinese). For that matter, don't use "free" anything when it comes to security, especially VPN software. Free software means they are selling your data...for VPN software that data is your surfing history...ergo, unless you want to have My little Pony ads followed by Rick and Morty ads, then use a private VPN!
So which one do I use? I use different ones to test them out for my clients and I have my top VPN contenders ready for your consumption! In no particular order, here they are!
First off, ProtonVPN! Proton has a whole slew of security minded services, starting with email and expanding to all sorts of other offerings, including VPN's! Having followed this company for years now, I can say that their approach to security is top notch as they believe in security from the top down is paramount to creating trust. This tool is for pros only as support is crazy hard to convince (impossible) to unlock your account if you don't have your backup codes. So when you lock away your backup codes, make sure you know where! Otherwise your data is gone. Also note that they salt their hashes so that even they cant see your data! Bravo Proton, Bravo indeed!
Second one I want to mention is Mozillas VPN. If you have a hankerin' to support FOSS (Free and Open Source Software), then supporting the Mozilla Org is definitely one to look into in terms of support. While not "free" nor even one of the less expensive VPNs out there, it will allow you to sleep at night knowing that you are supporting one of the last truly great open source initiatives out there...if this sounds like you, then also think about supporting the Wikipedia foundation. Supporting certain foundations like this allow me to sleep soundly at night!
Last one I want to bring to light is Private Internet Access. Their biggest claim to fame is the supporting of different linux distros...ohhhh and the little fact that they have successfully defended in court their "no logs" stance twice in an American court...They were ordered to turn over logs and, well...if there are no logs recorded, there is nothing to turn over! Their dedication to privacy is pretty top notch!
Some of you might ask why Nortons, or ExpressVPN, or NordVPN, or <insert other marketing based VPN's out there> did not make it onto my list. Well mostly because I don't give recommendations based on how much they advertise with me...I give recommendations to my clients based on what truly helps them. ExpressVPN and NordVPN might do a decent job an if you want me to review them please feel free to ask. This being said, I personally have a big issue with the "Norton-ification" (or McAfee-ification) of security software. I have an immediate distrust if you rely heavily on marketing to push security software. This being said, if a fair number of you want me to look into those products, please write in!
That's all for now, thank you for sharing some of your day with me and VPN's. While this list is consumer focused, there are architectural options that allow for my enterprise clients to get the same security, the same global reach, but whose reporting stays within the business...please feel free to reach out for any help!
Contact Us to learn more!