Tech Talk
Virtual Private Networks / by Mike E. Duffy / September, 2018

Everyone is concerned, to various degrees, with online privacy and security. You’d like to be sure that personal information—like your home address or what you buy from Amazon—is kept private, and that your online banking information is secure from thieves.

Making purchases and handling electronic accounts over a public network (the Internet), which we access through our Internet Service Provider (ISP) means you don’t control who touches the data on its way from your computer to Amazon or Wells Fargo. In theory, anyone along the route can inspect your data, just as anyone at the phone company can listen in on your conversations. Even if someone doesn’t look at your data, a lot of information can be had by looking at your traffic patterns: the websites you access and the phone numbers you call.

Just as there are public networks, there are private networks, which can only be accessed by authorized personnel (typically, members of the same company or group of companies), and where only authorized machines can touch the data in transit. In the pre-Internet days, this was an expensive proposition, since you had to lease dedicated circuits from a communication company such as AT&T to connect physically distant locations. And even then, you had to trust that those dedicated circuits were secure.

The rise of the Internet made it possible to replace those expensive dedicated circuits with a Virtual Private Network (VPN). Using encryption, packets of data belonging to a private network can be sent securely over the public Internet, using the Secure Sockets Layer (SSL) protocol and its successor, TLS (Transport Layer Security). This makes it look as though the company has a single network, where all connected devices have private (non-routable) IP addresses.

To log in to your company’s VPN, your computer must have VPN “client” software. This software ensures that you’re authorized to join the VPN and handles the details of making it look as if your computer is attached directly to the VPN (when it’s really talking securely over the public Internet to the public address of your company’s VPN-capable router). The end result is that you can work securely with your company’s data from anywhere—no one can see the data being transmitted. (Though your ISP can see that you’re connected securely to another address on the Internet).

Many websites now use SSL/TLS by default, so your data is secure even when browsing them from the public Wi-Fi at Starbucks. That’s not the case for sites where your browser doesn’t indicate that you have a secure connection, so never send important information to a website without one. Even if you’re securely connected to a website, the ISP can see that you connected to Some people would rather keep that to themselves.

Enter the consumer VPN, where the only information visible to anyone is your connection to the VPN provider. And now that ISPs can sell data about your connection habits, it may finally be time to consider a VPN of your own. Of course, you have to pay for this service, since free services on the Internet are generally paid for by selling the information they collect about you. If you see an advertisement for a “free” VPN, run!

The cost of a VPN runs from $3 to $12 a month, depending on how long you sign up for and other factors. Currently, top-rated services include NordVPN ($11.95 per month), Private Internet Access VPN ($6.95 per month), and TunnelBear VPN ($9.99 per month). A recent PCMag article ( contains reviews of specific services, lots more details about the advantages of using a VPN, and great deals from these three providers and others.

As you might expect, routing your Internet traffic through a VPN slows your connection speed. For the most part, this is unnoticeable, but streaming services such as Netflix are adversely affected. And due to copyright issues, Netflix is actively discouraging connections to their service via VPNs. (For more information, search Google for “Netflix and VPNs.”)

It’s also important to understand the limitations of a VPN. First, you’re dependent on the VPN operator being trustworthy, even if they say they don’t keep traffic logs that can be hard to verify independently. And if a government organization finds you a person of interest, a VPN provider offers a single point to track your activities, even if they can’t see the data you’re sending. What will your VPN provider do in response to warrants and subpoenas?

Still, for most people, a VPN is a good choice to maintain online privacy and security. Assuming you don’t want the world to (possibly) know what you do online, a VPN is a cheap and convenient solution. But if you’re doing something illegal, it’s not much protection. And if your connection to a website is secured by a VPN, it doesn’t protect data you may provide to the website from being shared or stolen.