Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Does a VPN give me complete security?

Question:

I recently signed up with a personal VPN service for several reasons. I’d like an unbiased opinion of their value in terms of real security, privacy, etc., and also the potential unintended consequences of using them. I like the idea of having my email completely secured. No tracking (by Google or Bing) of my searches and portability to public hotspots. But I’ve also read that because VPN tunnels through my router's NAT firewall, I might be giving up a valuable layer of security when I use it at home.

I use a robust anti-virus firewall of course, but I know you recommend a NAT firewall as a strong first line of defense against internet attacks. Are there other potential downsides to casual use? I’m not recommending one “pay for" service over another, but I happened to sign up with Witopia and I’m quite satisfied so far. Thanks for any thoughts on the subject.

I’m a little concerned that there may be some fundamental misunderstandings of exactly what a VPN does and what it does not get you.

To be clear, a VPN does nothing more than encrypt and route all of your internet traffic through the VPN provider’s server. That’s it. What happens after that server actually doesn’t change.

Is your email completely secured? That depends on what you mean.

Become a Patron of Ask Leo! and go ad-free!

What a VPN does

A VPN does not affect how your email is handled. It is still transmitted in the clear once it leaves the VPN provider and makes its way to the destination.

A normal connection might look like this:

An unencrypted connection

Whereas if you use a VPN, a portion of that connection is encrypted by the VPN:

Connection through a VPN

All of your internet connections are routed through the encrypted pipe to the VPN service. After that, however, they travel the internet exactly as before.

Services still know you

If you use Google or Bing, they can track your searches regardless of how you connect to them. While you might access them through your VPN, you’re still accessing them.

As I said, the only thing a VPN brings to the party is the encryption of your connection to the internet.

A VPN is a great tool that helps you avoid the risks of open Wi-Fi hotspots or hotel connections and (in some cases) gain access to sites that might otherwise be blocked.

Firewall?

By and large, I’m not terribly concerned about the firewall in a case like this. You want your NAT firewall up to prevent direct connections to your machine if you're at home. You want your software firewall up if you're out and about. (If you're at home it adds another layer of protection; in the case of a VPN, it won’t hurt.)

I can’t really say for sure, but I would honestly expect most VPN services to actually be properly firewalled at their end, so I don’t  expect a reverse connection coming in through your VPN (the kind of a thing that a firewall would protect you from) to be a big vulnerability.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

1 thought on “Does a VPN give me complete security?”

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.