X

​Understanding VPNs and how to choose one

CNET@Work: Do you want to browse safely and connect to cloud-based services like email and social networking while working remotely? Then you're going to want a VPN service provider.

David Gewirtz
4 min read

With technology increasingly intertwined with all aspects of business, CNET@Work can help you -- prosumers to small businesses with fewer than five employees -- get started.


So you've just started your new business. Where's your office? Chances are it's everywhere. Since Wi-Fi is available in hotels, coffee shops, restaurants and airports, it's easy and convenient to connect and get work done. But there's a problem: Wi-Fi is a radio signal that can be intercepted.

Don't think that no one's interested in your data. Hackers make money grabbing and selling account information, passwords, and any other personal identifying information they can find. If you have an important client or customer, the more dedicated hackers may even try to use your connection to gain access to your client's network.

"Small business users need VPNs to keep their network traffic private and safe from tampering," advised Kurt Roemer, Citrix chief security strategist. A VPN (virtual private network) creates a private, secure network between your Wi-Fi connected mobile device, websites and anything else you connect. The word "virtual" is part of the name, because a VPN sets up a software-based secure network. "VPNs provide an essential layer of security protection," said Kent Bloomstrand, Chief Technology Officer at CSID, the identity protection arm of the credit reporting company Experian.

Here's a look at what experts recommend you consider when choosing a VPN provider and links to various CNET Commerce listings of services and discounts. CNET may get a share of revenue from the sale of these products and services offered by our partners.

Decide if you're primarily connecting to your home network or to the cloud. If your primary goal is connecting to your home or office network, then you're going to need a router or small server that can act as a VPN endpoint. Some of the higher-end consumer routers provide this, but not all. There are also programs you can run on both Macs and PCs to provide that connectivity, and some inexpensive home servers provide VPN capabilities.

Most people, however, are more likely to want to be able to browse safely and connect to cloud-based services like email and social networking. If this describes you, you're going to want a VPN service provider. The rest of this article focuses on VPN service providers.

Pick a provider that offers secure communications protocols. If you were building a real tunnel, would you want to make it from mud or steel-reinforced concrete? The answer is concrete, because it's far more robust. As in a real tunnel, a VPN tunnel can be more or less secure, and that's based on which security protocol is used.

There was a time when PPTP was popular, but it's now very insecure. You don't want to use it. Instead, look for providers who offer OpenVPN and L2TP/IPsec. In general, OpenVPN is the best choice, but many smartphones don't support it. So if you're connecting via PC or Mac, you'll want to use OpenVPN. If you're connecting via a phone or tablet, look for L2TP/IPsec support. The best VPN suppliers will offer both.

Look for a provider that can protect your privacy. VPNs allow people to search the web, and access websites anonymously, protecting their identities from those who might discriminate or otherwise attack them because of who or what they are. Look for a VPN that doesn't keep traffic logs, has an iron-clad privacy policy, and operates servers in countries outside the reach of oppressive regimes.

Make sure the provider has capacity. If you're using a VPN for your new business, the last thing you want is to be cut off because you've used too much data. Read carefully through the terms of service to determine how much data your provider allows and whether or not your provider throttles bandwidth. If you can, find out how many servers your provider has or whether it runs its network on a big public cloud like Amazon's AWS. When it comes to scale, bigger is better.

Beware fake services. When you select a VPN provider you're trusting the company with your security. Scammers can prey on that trust. Like fake antivirus vendors, email messages, and app stores, there can also be fake VPN services, meant to grab your data as it passes through. That's why it's good to visit sites like CNET and ZDNet, and carefully read reviews as well as reader comments.

In that vein, Sven Dietrich, associate professor at CUNY John Jay College of Criminal Justice and former senior security architect at NASA, said, "A VPN can be of great benefit by securing legitimate business activity behind a somewhat opaque layer, but it can also be an authorized conduit for malicious activity into the small business network."

Avoid free VPN services. As a small business owner counting your pennies, you might be tempted by free VPN offers, but avoid them. VPN providers need to get the money to run their services from somewhere, and if it's not from their users, you can be pretty sure they're selling data about you to someone else. Most VPN services on a scale for a new business will cost roughly $10 a month. If you prepay for a year, you can usually shave a few dollars off your bill.

"Because of Wi-Fi's fundamental lack of security and the numerous readily available hardware and software Wi-Fi penetration tools, data is only as secure as the VPN or lack of VPN it travels on," said Robert Siciliano, security expert with Hotspot Shield VPN.

Ready to find a VPN service? Check out CNET's directory of VPN providers and feel free to comment on your own experience!