If you ask a security professional for tips on improving your privacy and security when connecting to public Wi-Fi or other untrusted networks, the first thing they’ll usually say is “use a Virtual Private Network (VPN).” And while this is a great recommendation, it can intimidate most people. I often hear questions like “is it really necessary,” “where do I even start?” and “how do VPNs really protect me?” This article will cover these questions so that the next time you connect to the internet at a nearby coffee shop or while staying in a hotel on business, you can do so safely and securely.
The Need for a VPN
Public Wi-Fi has really taken off, showing up in places ranging from local bars and the dentist’s office to entire connected cities. Why? Because smart devices have become the epicenter to our everyday personal and professional lives. That said, the convenience of 24×7 connectivity often comes at the cost of security and privacy. Unfortunately, attackers can often easily view, and even modify your network traffic, on unprotected, public Wi-Fi networks. Even using HTTPS doesn’t guarantee you protection on untrusted wireless networks. Attackers have tools like “SSLStrip,” which can sometimes trick your browser into loading sites without encryption.
With full visibility into your wireless network traffic, attackers can sniff out passwords as you log into accounts and steal credit card numbers as you shop. With full control of your traffic, they can even inject malware—such as cryptocurrency miners—directly into responses from websites that you would otherwise trust.
Even encrypted public Wi-Fi that requires a shared key or password isn’t safe if that password is readily available to everyone who wants to connect. Though it requires a little more work, attackers can still use the password to ultimately connect to and decrypt all wireless traffic.
Threats like these are exactly why VPNs are vital when it comes to keeping your information safe while using public Wi-Fi. A VPN connection sets up an encrypted tunnel between your client (whether it be your phone, your tablet, or your laptop) and a trusted endpoint across the internet far outside the wireless network. So, how does it all work?
Getting Started
Before signing up for a VPN subscription service, check with your employer to see if they have a VPN endpoint you can connect back to while out of the office. In some cases, this may even be a requirement when using company-issued equipment on the road. Most IT department will be more than happy to walk you through installing the VPN client for the first time.
For personal equipment and other instances where connecting back to the office isn’t an option, there are plenty of VPN solutions available. Some VPN services like ExpressVPN and NordVPN focus on speed and throughput while others like PrivateInternetAccess and F-Secure Freedome focus more on privacy by not keeping any logs of user activity. Regardless, paying a small monthly VPN subscription will give you better speed and security than other free options.
Most VPN providers use either their own custom VPN client or offer compatibility with the open-source OpenVPN client. As VPNs continue to become more mainstream, ease of use has become a major focus for the major service providers. You can usually find helpful guides that explain the installation and connection processes step-by-step, complete with helpful pictures along the way.
Depending on the provider you select, you can often have multiple options for endpoints to connect to with your VPN client, most of the time with several locations in the United States and even internationally. If speed is your top priority, selecting the location closest to you is usually the best bet. When it comes to security and privacy, the endpoint location matters less than the provider itself.
How It Works
Setting up a VPN for the first time isn’t as difficult as you may think. Let’s use the OpenVPN client on Windows as an example. You can download the OpenVPN client from the official downloads page. Be sure to select the correct version for your operating system (most modern computers have a 64-bit architecture). Because the OpenVPN client installs network drivers for the tunnel, you should right-click and run the installer by selecting “Run as Administrator.”
After installing the OpenVPN client, you will need to download a connection profile from your VPN provider. Check your provider’s documentation to locate this file. The connection profile from your VPN provider may contain one or more files. Copy all of them into your OpenVPN config folder, either “C:\Program Files\OpenVPN\config” or “C:\Program Files(x86)\OpenVPN\config.”
After copying the configuration files into the correct directory, you can launch the OpenVPN client from your desktop, right-click the OpenVPN icon in your System Tray, and select a location to connect to!
By the way, as easy as those steps sound, this OpenVPN install is actually probably the hardest case. Many VPN services, such as NordVPN, come with even easier prepackaged installers. You simply run them with the right privileges, and they take care of all the connection profiles and other configurations in the background.
VPN “Gotchas”
Even with a VPN, from the moment you connect to a public Wi-Fi network to the moment you successfully connect with your VPN, your apps and open web browser tabs can still leak sensitive information through the unprotected network. This is why some VPN clients offer a feature called an “Internet Kill Switch.” With an Internet Kill Switch, if you disconnect your VPN, all internet-bound traffic is blocked from your device until the VPN connection is re-established. If you are concerned about sensitive data leakage, look for VPN providers that offer an Internet Kill Switch in their client and be sure to enable it for untrusted Wi-Fi connections. Also, some VPN services have granular application kill switches too. If you are using a particularly sensitive application, you can have your VPN service kill that application as soon as a VPN disconnects too.
Be aware that some applications may encounter issues when using a VPN. Video streaming services like Netflix are a prime example. Due to copyright requirements, many streaming services block access whenever they detect location-circumvention tools like VPNs. If content streaming is a strict requirement while you travel (I know it is for me), look into content streaming services that offer downloads for offline viewing, so you can remove the need for a Wi-Fi connection entirely.
Where to Go from Here
Hopefully now you are aware of your options when it comes to using a VPN. Before jumping in, there are a few things you should remember:
- Connecting back to the office is generally a great option if available.
- Not all service providers are equal. Find one that matches your desires for speed, security and privacy, respectively.
- You get what you pay for (to an extent). Paid services almost always offer better speed and security than free services.
Unsecured public Wi-Fi networks are growing part of our everyday lives, and they’re not going anywhere. With Wi-Fi attack accessibility at an all-time high for attackers of all skill levels, I urge you to seriously consider using a VPN anytime you’re connected to public Wi-Fi. This is one of the simplest and most effective ways to keep your internet access secure and private wherever you are.
