Corporate and Exit Locations: Depending on what you’re using a VPN for, your service’s location—and the exit locations you can choose—are important to consider. If you want to get around a location restriction and watch live TV in the UK, for example, you want to make sure your VPN service provider has servers in the UK. If you’re concerned about privacy or state-sponsored snooping, you may want to pick a service operated outside of your home country. Similarly, if the service is based on the US, they’re subject to US laws, and may be forced to turn over usage data to the authorities upon request. Many people make more of this than they should (we’ve seen overseas services turn over their data to friendly governments without any hesitation repeatedly), but it’s important to make sure a VPN has servers in multiple locations—or at least the location you’re interested in—when shopping.
My recommendation, and the protocol I most often choose to use, is OpenVPN. OpenVPN is a non-proprietary, open-source implementation of a VPN communication layer protocol. It's well-understood, well-regarded, generally quite secure, and robust. In addition, it has the benefit of being able to communicate over port 443, which is the standard port for https communication, which means almost all firewalls will allow OpenVPN traffic -- and most won't even be able to detect that a VPN is being used.
An impressive and fast VPN service, Buffered VPN offers total online security and world-class customer support. The service boasts of providing access to content from any country in the world. This is achieved through the service’s server locations in 45 countries. It supports Windows, Linux and Mac platforms, but can also be set up on Android and iOS. The service offers excellent latencies and fast upload speeds, very good for browsing.
In conjunction with information security experts at The New York Times (parent company of Wirecutter), we reached out to our finalists with questions about their internal security practices. We asked how they handled internal security access, how they communicated securely with customers, in what ways they collected reports on security bugs, and of course whether their statements on logging policies matched their marketing and privacy policies. We also considered which companies had public-facing leadership or ownership, and which ones openly supported projects and organizations that promoted Internet security and privacy. (For a full breakdown of trust and VPNs, check out the section above.)
We considered native apps for Windows, Mac, and Android to be mandatory because they’re easier to use than open-source or third-party VPN apps like Tunnelblick; that in turn makes it easier to stay secure. For more-advanced users, adding VPN connections to Wi-Fi routers can help secure all connections on a home network without having to manage devices individually.
To be fair, not all pay VPN services are legitimate, either. It's important to be careful who you choose. Over on ZDNet's sister site, CNET, I've put together an always up-to-date directory of quality VPN providers. To be fair, some are better than others (and that's reflected in their ratings). But all are legitimate companies that provide quality service.
One of the most popular VPN software out in the market today, NordVPN has over 550 servers in 49 different countries. These servers aid users in different needs, which include encryption of both incoming and outgoing data, sending all traffic through a Tor network to safeguard user anonymity and protection against DoS attacks, which are usually done by malignant hackers.
These folks have been around since 2010, and don't log anything. They provide a generous five connections, a connection kill switch feature, and some good online documentation and security guidance. Our one disappointment is that their refund policy is 7-days instead of 30, but you can certainly get a feel for their excellent performance in the space of a week.