Whether you run a business or go online for yourself, you probably know that browsing the web can open you and your organization up to all sorts of risks.
By connecting to the internet, you expose yourself and your business to hackers and thieves, who could steal anything from personal information and web browsing history to payment data.
So, when it comes to protecting yourself and your business online, you may have looked into private browsing or choosing a VPN. But which of these is right for you?
What is private browsing and how do you use it?
Private browsing is a feature built into many modern-day web browsers. Many of the major web browsers have them and they are usually easy to access through the File menu. For instance:
- Google Chrome has Incognito mode
- Microsoft Edge has InPrivate Browsing
- Safari has Private Browsing
- Firefox has Private Browsing
- Opera has private tabs built-in
Simply put, private browsing is a method of browsing wherein the browser will not save browser history, search history or local data such as cookies.
Is private browsing really private?
While private browsing will prevent your browser from storing information on your local device or computer, it won’t necessarily stop information from being shared between your computer and your internet service provider (ISP).
It is also possible for third parties to detect traces of activity related to private browsing sessions, which can, in turn, be used to exploit entryways into the operating system.
How safe is private browsing?
Many people believe that private browsing will keep them safe from viruses, malware and hacking attempts and that because local data will not be stored it will protect them from fraud and theft when they enter, for example, financial details or passwords. But this is unfortunately not true.
Because private browsing relies on an internet protocol (IP) address supplied by your internet service provider (ISP), it is still possible for third parties to detect your browsing session and exploit flaws. Furthermore, software bugs, HTML5 APIs and even browser extensions have, in the past, been the source of accidental leaks and have allowed third parties to access search and internet history through private browsing.
The only way to truly protect your search and internet browsing and history data is with the use of a VPN.
What is a VPN and what does it stand for?
VPN stands for “virtual private network”.
VPNs encrypt your internet traffic and your identity online, making it harder for third parties to break in and steal your data.
What will VPN hide your history from?
Ordinarily, when you go online, your internet service provider (ISP) provides your connection. It keeps track of you via an IP address. Your web traffic passes through your ISP’s servers – they can log and see everything you do online.
Your ISP may seem trustworthy, but they could be handing your browsing history over to advertisers, the police or government, and other third parties. Your ISP is also open to breaches: if they get hacked, your personal and private data could be compromised.
This is especially worth considering if you regularly connect to public Wi-Fi networks. You never know who could be watching your internet traffic from the other side, and what they could potentially steal from you — passwords, personal data, payment information, even your whole identity.
How does a VPN work?
A VPN masks your IP address by redirecting it through a specially configured remote server run by the VPN host. So, when you browse online using a VPN, the VPN server becomes the origin of your data. This makes it impossible for your ISP or any other third parties to see what websites you are visiting or what information you are entering. A VPN works like a filter that turns all the data you are sending and receiving into gibberish. Even if someone did get their hands on this data, it would be useless.
What should a good VPN do?
You may rely on your VPN to fulfil one or a number of tasks. The VPN itself should also be safe against compromises.
These are the qualities you should expect from any comprehensive VPN solution:
Encryption of IP address
The first and most essential task of the VPN is to keep your IP address hidden from your internet service provider and other third parties. This allows you to send and receive information online without the risk of anyone except you and the VPN provider seeing.
Encryption of logs
A VPN should also prevent you from leaving a trail, for instance, in the form of internet history, search history and cookies. Encryption of cookies is especially important, as it stops third parties from seeing sensitive information such as personal details, financial information and any other content submitted to websites that you don’t want to be traced back to you.
If your VPN connection suddenly drops, your secure connection will go down too. A good VPN will be able to detect this sudden downtime and will quit preselected programs, reducing the chance of data compromise.
A strong VPN will look to verify anyone trying to log in via a diverse range of authentications. For instance, you may be asked to enter a password and then a code sent to your mobile device. This makes it harder for unwanted third parties to access your secure connection.
The history of VPNs
Ever since people have started to use the internet, there has been a movement to protect and encrypt internet browsing data. The U.S. Department of Defense was involved in projects to scramble internet communication data as far back as the 1960s.
Precursors to VPNs
Their efforts led to the creation of ARPANET (Advanced Research Projects Agency Network), a packet switching network, which in turn led to the development of the Transfer Control Protocol/Internet Protocol (TCP/IP).
The TCP/IP had four layers: link, internet, transport and application. The internet layer was where local networks and devices could connect to the universal network — it was also where the risk of exposure became apparent.
In 1993, a team at Columbia University and AT&T Bell Labs succeeded in creating the first iteration of the modern-day VPN, which was called swIPe: software IP encryption protocol.
The following year, Wei Xu developed the IPsec network, an internet security protocol that authenticates and encrypts information packets shared online. And then, in 1996, a Microsoft employee by the name of Gurdeep Singh-Pall created a peer-to-peer tunnelling protocol or PPTP.
At the same time that Singh-Pall was developing PPTP, the internet was starting to become more popular, and the need for consumer-ready sophisticated security systems arose.
While anti-virus software at the time was effective at stopping malware and spyware from infecting a computer system, people and businesses also demanded encryption software that could hide their internet browsing history.
The first VPNs took off in the early 2000s, but they were typically only used by businesses. However, after a spate of high-profile security breaches, particularly around the early 2010s, consumers started to look for their own private VPNs.
The present day
According to GlobalWebIndex, Between 2016 and 2018, the number of VPN users worldwide increased by over four times. In countries like Thailand, Indonesia and China, where internet usage is restricted and censored, as many as one in five internet users utilize a VPN.
Meanwhile in the USA, UK and Germany, the percentage of VPN users is lower but not insignificant, at around 5%.
One of the biggest drivers for VPN uptake in recent years has been the increasing demand for users to access geo-restricted content. For instance, video streaming services like Netflix, Hulu and YouTube make certain videos only available in certain countries. Modern VPNs allow you to encrypt your IP so that it seems you are browsing from another country, allowing users to access this content from anywhere.
How to stay secure with a VPN
A VPN works by encrypting your online presence. The only way to decipher this encryption is with a key. Only your computer and the VPN know this key, making it impossible for your ISP to tell where you are browsing.
Different VPNs will use different encryption processes, but generally speaking it works in three stages:
- Once online, you boot up your VPN. The VPN acts as a secure tunnel between you and the internet – your ISP and other third parties won’t be able to see into this tunnel.
- Your device will now be on the VPN’s local network, and your IP address can be changed to one of the IP addresses provided by the VPN’s servers.
- You can now browse the internet as you please, as the VPN protects all of your personal data.
What are the different types of VPN?
There are many different types of VPN, but you should definitely be familiar with the three main types:
Remote access VPN
Remote access VPNs work by connecting the user to a remote server. This connects them to a private network.
Most commercial VPNs work on this basis. The remote server is the VPN’s own network. The main benefits of a remote access VPN are that they are quick and easy to set up and connect to, they securely encrypt your online browsing data, and they allow you to change IPs to access geo-restricted content.
This makes them ideal for personal use, however, they may not meet the complex needs of large businesses.
A site-to-site VPN is essentially a private network intended to disguise private intranets while allowing users of those secure networks to access each other’s resources.
A site-to-site VPN is useful if you have multiple locations in your business, each with its own local area network (LAN) connected to the wider area network (WAN), or if you have two separate intranets that you need to share files between without explicitly letting users from one intranet access the other.
Site-to-site VPNs are primarily used in large-scale companies. They are complex to implement and don’t offer the same flexibility as remote access VPNs but are the most effective way to secure communications within and between large departments.
With this form of VPN, the user is not connected to the internet via their own ISP but instead connects directly via their VPN provider.
This essentially cuts out the tunnel stage of the VPN journey. So, instead of using the VPN to create an encryption tunnel to disguise the internet connection that already exists, the VPN can automatically encrypt the data before serving it to the user.
This is an increasingly common form of VPN that is proving especially useful for providers of insecure public Wi-Fi. It prevents third parties from accessing and compromising the network connection, encrypting data all the way to the provider.
It also prevents ISPs from accessing any data that has been left non-encrypted (for whatever reason) and bypasses any restrictions placed on the user’s internet access (for instance, if the government of that country places a curfew on internet access).
How do I install a VPN on my system?
Before installing a VPN, it’s important to be familiar with the different ways to implement them.
Standalone VPN client
Standalone VPN clients require a piece of software to be installed. This software will be configured to match the requirements of the endpoint. When establishing the VPN, the endpoint runs the VPN connection and connects to the other endpoint, establishing the encryption tunnel.
This is the implementation type most commonly found in homes and small businesses.
VPN extensions can be added to most web browsers, such as Google Chrome and Firefox. Some browsers, including Opera, even come with their own built-in VPN extensions.
Extensions make it easy for users to quickly toggle and configure their VPN while they browse the internet, however, the VPN connection will only apply to information shared on that browser. The use of other browsers and other non-browser internet use (for instance, online gaming) may not be encrypted by the VPN.
While not quite as comprehensive as standalone clients, browser extensions may be a suitable option for casual internet users wanting an extra layer of internet security. However, they have proven more susceptible to breaches. Users are also advised to choose a reputable extension as there is the potential for data harvesters to try to use fake VPN extensions.
If you have several devices connected to the same internet connection, you may find it easier to implement the VPN directly to the router rather than to install a separate VPN on each device.
A router VPN is especially useful when it comes to protecting internet-connected devices that are not easy to configure, such as Smart TVs. They can even help you to access geo-restricted content from your home entertainment systems. They are easy to install, offer always-on security and privacy and prevent compromises that may occur when unsecured devices log on to your network.
However, they can be harder to manage if your router does not have its own user interface, which could lead to them blocking incoming connections.
A custom solution that requires personalized creation and support, a corporate VPN is typically only found within enterprise-level corporate environments and is typically built bespoke by the IT team. The key advantage of a corporate VPN is total secure connections to the company intranet and server, including from employees working off-premises from their own internet connection.
Can I download a VPN for my iPhone/Android or other devices?
Yes, there are a number of VPN options available for mobile and other internet-connected devices. A VPN could be essential for your mobile device if you use it to store payment information or other personal data, or if you use internet-connected apps for things like dating, gambling, money transfers or even just if you browse the internet. Many VPN providers also provide mobile solutions – many of these can be downloaded directly from Google Play or the Apple App Store.
Is a VPN really that secure?
It’s important to remember that VPNs do not work in the same way as comprehensive anti-virus software. While they will protect your IP and encrypt your internet history, that is as much as they can do. They won’t keep you safe, for instance, if you visit phishing websites or download compromised files.
When you use a VPN, you are still at risk of:
If any of these were to make it onto your system, they would be able to damage the device regardless of whether you were running a VPN. Therefore, it is essential that you use a VPN in tandem with comprehensive anti-virus software, to guarantee maximum security.
Choosing a safe VPN provider
Furthermore, it is essential that you choose a VPN provider you can trust.
While your ISP will not be able to see your internet traffic, your VPN provider will. So, if your VPN provider is compromised, you will be too.
That’s why it is essential you choose a VPN provider whom you can trust both to share your internet browsing data and to maintain the highest level of security on their end.