If you’ve listened to podcasts or watched videos on YouTube, you’ve probably been pitched a VPN with claims, among others, that it’s essential to your cybersecurity. Without a VPN, hackers, nefarious businesses, and scammers are lurking in cyberspace ready to steal your data and your identity.
But what exactly does a VPN do to help protect your data? And is it worth using?
In this short article, we’ll take a look at the claims, the logic behind them, and make an assessment as to whether or not a VPN is essential, worthless, or somewhere in-between.
What Is a VPN?
For individuals, what is typically meant by a VPN is a remote-access virtual private network. (Larger businesses often opt for a site-to-site VPN configuration.). A VPN enables users to connect – via a public internet network – to a private network. The private network then encrypts and hides the user’s IP address from websites by redirecting the user through a remote server.
While websites, under normal conditions, and internet service providers can see and record the sites you visit and the data you send, when you are using a VPN, they cannot.
Common security claims circulating about VPNs
According to the websites of popular VPN providers, they are marketing their software as an ”online security tool”. They promise to “keep your data safe from prying eyes” with “next-generation encryption”. They go on to insinuate that we should use a VPN when banking or shopping online. One way they claim to provide you with safeguards is by blocking malicious websites.
I have heard affiliate marketers claim emphatically that a VPN will prevent hackers from accessing my data, possibly stealing my identity or my money, that I would be foolish to surf the internet or try to survive working remotely without one.
This begs two questions:
- What security measures would a VPN have access to that an ISP would not?
- And if the ISP has access to the same security measures, what reason would they have to not implement them.
Your Data Is Already Being Encrypted
While VPNs boast that they encrypt your data, the vast majority of websites do that already. HTTP (Hypertext Transfer Protocol) uses military-grade encryption as a standard. If you see a padlock symbol next to the website address in your browser, you know that your data is being encrypted.
While a second layer of encryption isn’t necessarily a bad thing, to propose that it is needed would be to insinuate that the military-grade encryption that is standard in HTTPs is weak or vulnerable.
It’s worth noting that encryption, does not prevent third parties from tracking what you browse. Websites commonly track users by using cookies. If you don’t want websites to track your IP address, a VPN is a good solution. However, you could also adjust the permission settings in your browser to block all cookies.
What a VPN Can Do for You
Besides adding an additional (though perhaps redundant) layer of encryption, a VPN essentially hides or masks your IP address from websites. There are legitimate reasons why you wouldn’t want a website to know your IP address. Among other things, your IP address tells websites where you are located. This could prevent you from accessing content that is not available in your region – be it for marketing or even censorship reasons.
What a VPN Cannot Do for You
A VPN does not block viruses. It can encrypt them just like it encrypts data you send over the network. But that won’t help you if you were to browse an infected site or download infected files.
A VPN does not make you entirely invisible. Unless you have your own server and storage that you run completely on your own, you will have to trust someone with your data, whether that’s your ISP or a VPN.
For accessing content that would otherwise be blocked in the region you happen to be in, a VPN is a perfect and simple solution. This would allow you, for example, to stream content that is region-specific, which is why VPNs are so popular with users with streaming subscriptions from providers such as Shutter or Disney +.
It’s a shame, however, that efforts from enthusiastic VPN affiliate marketers have somewhat muddied the water in terms of a VPN’s actual security benefits. The fear is that it leaves users with a false sense of security and a confused idea of what real cybersecurity threats they should be concerned about and what effective solutions they should implement.