Nmedia - Fotolia
Now that the COVID-19 pandemic has forced office workers home, many are finding they're severely lacking the necessary tools that protect sensitive data in unsecured, remote locations. Fortunately, there are low-cost VPN services available that can provide an additional layer of security to give users and enterprises piece of mind during uncertain times.
The need for VPN services in remote work
New work-from-home users no longer have the luxury of enterprise-grade firewalls, network-based malware protection or secure DNS services that they're accustomed to when working out of the corporate office. Another major issue with remote work is a lack of proper VPN connectivity to help protect sensitive data as it traverses the public internet. While many enterprises have remote access VPN into the corporate network, most modern apps and data reside in public IaaS, PaaS and SaaS clouds, making current VPN implementations slow and inefficient.
A better and more efficient option would be to utilize a VPN service provider to gain several extra layers of security protection. These services have also proven to be more efficient from a performance standpoint compared to connecting to a corporate network, only having to hairpin back out of the internet to a public cloud service provider.
Common VPN service features
First and foremost, a VPN service should provide a secure method to access the internet, while also maintaining a private connection. A virtual point-to-point connection is established between either the end device or a router that sits on the edge of the network and the service provider's VPN gateway. The path between the user and the service provider forms a tunnel within which all user data resides. Inside the tunnel, all the sent and received data is encrypted using Advanced Encryption Standard 256 -- a nearly unbreakable standard. Once the data reaches the provider's VPN gateway, the traffic then goes onto its destination. For business users, this is typically a website or cloud service provider. However, the source IP address of the connection becomes that of the service provider -- not the customer. Thus, the VPN effectively hides the original source IP address and can even make it look as though the connection is residing from a different part of the country or the world.
Beyond basic data protection and anonymity functions, many VPN service providers offer additional benefits to help protect customers. One feature, referred to as the kill switch, verifies that the VPN tunnel is established and that all internet traffic is using the tunnel for protection. If that's not the case, the VPN software will kill access to the internet, preventing data from going outside of the tunnel until it can be reestablished.
There are some situations, however, where the user does want to bypass the VPN tunnel and connect to internet resources outside of a VPN tunnel, which is what split tunneling/whitelister features provide. These services enable the user to dictate which applications or specific whitelisted destinations can bypass the tunnel and are useful in situations where websites or applications use geolocation to provide specific accessibility capabilities or serve up different data depending on where in the world the request originates from.
Most, but not all, VPN service providers also own and manage their own private and encrypted DNS servers so end customers can make DNS queries inside the protected tunnel. This prevents DNS requests from having to go outside of the tunnel, which would give hackers the ability to see what destinations the user is trying to reach.
Lastly, VPN services vary in terms of their device and OS support for their services. Most VPN service providers offer software that can directly install onto end devices, such as PCs, tablets and smartphones. The user will then have to manually establish the VPN connection using the installed software. An alternate method is to install the VPN software onto a compatible internet edge router. The benefit here is that the VPN tunnel is always on and will protect all devices on that local network. The drawback, of course, is that the VPN service does not follow users once they leave this network to connect to a different internet service.
Next, let's look at six of the top VPN service providers on the market today and how they differ from one another from a feature, support and pricing standpoint.
Headquartered in Bucharest, Romania, CyberGhost claims it has 5,700 servers in over 89 countries. The number of countries where CyberGhost is available is second only to ExpressVPN. While it is one of the more expensive month-to-month VPN services on our list at $12.99 per month, the monthly price drops dramatically to $5.99 as long as users pay upfront for a 12-month subscription. One license covers up to seven simultaneously connected devices. Additionally, the service includes several advanced features, including a built-in ad blocker, use of private DNS servers and support for a wide range of devices, browsers and flashable routers.
The company also offers a one-day free trial and a 14-day to 45-day money back guarantee, depending on the subscription purchase. For support, users can reach out via 24/7 chat and email.
Based in the British Virgin Islands, ExpressVPN has VPN endpoint servers in 94 countries -- the most countries on this list. At a $12.95 per month price point, it's on the more expensive side. However, an upfront annual payment can drop the monthly cost considerably to $8.32. The company does also offer a 30-day money back guarantee, and one license covers up to five devices.
Other notable features include a split-tunneling feature that enables users to choose which apps should use the VPN versus apps that should bypass it and reach destinations around the tunnel. This is useful in situations where apps and websites base content accessibility on the geolocation of the IP address in use. From a device standpoint, ExpressVPN supports all the major OSes that business users need, including macOS, Windows, Android, iOS and Linux, as well as flashable routers. Support is available through 24/7 accessible chat.
Seattle-based IPVanish is the lowest-cost VPN service on our list. At a monthly $5.00 or an upfront annual fee that drops the per-month rate to $3.25, it's a VPN provider to consider for tight budgets. The company offers a seven-day money back guarantee. Included with a single license are the ability to use up to 10 simultaneous devices, VPN server access to over 75 countries, and compatibility with most devices and flashable routers.
One unique feature of the service is an included SugarSync file storage, file sharing and cloud backup license. For those that are looking for both a cloud-based VPN and a cloud-based file storage service, they can find both at an affordable price with IPVanish. Customer support is accessible through live chat, email and phone.
From a name recognition standpoint, Panama-based NordVPN is at the top. It also checks most boxes when it comes to features, including private and encrypted DNS servers, ad blockers, and support for a wide range of devices, flashable routers and web browsers, such as Chrome and Firefox. From a VPN server perspective, the service provider operates 5,600 servers in 59 countries. While the country number is lower than many others, it's likely more than enough for most business users.
Month-to-month pricing for NordVPN sits at $11.95, while an upfront annual cost reduces the monthly rate to $6.99. The company does include a full 30-day money back guarantee. A single license enables users to connect up to six devices simultaneously. Web ticketing or email features are available for customer support inquiries.
Based in Redwood City, Calif., Pango's Hotspot Shield is considered by many users to be one of the fastest VPN services on the market, primarily because the service uses a proprietary Catapult Hydra protocol. This protocol is shown to be significantly faster compared to the more widely used OpenVPN or IPsec protocols. It also offers over 3,200 VPN servers located across over 80 countries. Each license supports up to five simultaneously connected devices. One thing missing from the product that most others do offer is the use of private DNS servers. Thus, DNS communication will continue to use the DNS servers assigned directly to the end device.
Hotspot Shield's $12.99 per month is tied for the most expensive on the list with CyberGhost. The monthly cost drops to $7.99 if the user pays upfront for one year. Support devices include all the big OSes and many flash-based routers. The company offers up to a 45-day money back guarantee, depending on the subscription length customers purchased. Customer support is accessible through 24/7 chat and email.
The second British Virgin Islands-based VPN service provider on our list is Surfshark. The service boasts having servers in over 61 countries and includes the use of private DNS, a whitelisting tool to bypass the VPN for certain website access and a built-in ad blocker. Surfshark also claims a single license covers unlimited use of simultaneous devices connecting to the VPN service. That's quite unique, considering most other service providers cap simultaneous device use between five and 10 devices.
Pricing starts at $11.95 per month -- or $5.99 per month for an upfront one-year license payment. This includes a 30-day money back guarantee. Device support is extensive and includes all the typical OSes, such as Windows, Linux, macOS, iOS and Android. The company also supports the ability to install Surfshark on flashable routers. Customers can purchase preinstalled routers directly on the Surfshark website. Service support is available through 24/7 live chat and email methods.