How to choose a secure VPN

How to choose a secure VPN
(Image credit: Vector Image Plus/Shutterstock)

It has become increasingly common to use VPNs—virtual private networks—for such purposes as securing sensitive data and circumventing restrictive online streaming policies. However, the widespread switch to remote working along with heavy-handed legislation regarding peoples’ personal data and activity has also prompted people to look for secure VPN services.

Enabling you to mask your online activity and location, VPNs are highly valued when it comes to the protection of privacy. The security of such networks is considered a key factor, especially if your priority is to protect against government snooping or identity theft. Make the right choice by following the best VPN guidance in this article.

Review the protective features

A VPN shouldn’t be considered a fail-safe method for the protection of your digital security. Indeed, there have been high profile reports of VPNs falling prey to hijacking and man-in-the-middle attacks. Users should also be aware of the risk associated with split tunneling, whereby unsecured data may be routed through the internet service provider rather than the VPN, thus making it vulnerable to criminals. It’s a very useful feature if you’re a keen torrenter, but you must remember that you’ve switched it on.

The best quality VPNs are regularly updated, with support for strong authentication, digital certificates, and the private assignment of IP addresses all enhancing data protection.

It is particularly important to be aware of the different VPN protocols, given their key role in the maintenance of data security. Your chosen provider should be covered by a recently updated and verifiably secure protocol, such as OpenVPN, WireGuard, or L2TP/IPSec.

The kill switch is another key feature, offered by many of the VPN providers. This will immediately disconnect you from the internet if the VPN fails, meaning that your online activity can’t be tracked.

DNS leak protection should also be offered as standard, with DNS requests being routed directly to the VPN’s DNS servers, rather than being rerouted back to the ISP without your knowledge.

Investigate the VPN provider’s record

You should carry out a thorough review of the data-protection and cyber-security measures taken by your preferred providers. The most secure providers will share comprehensive privacy policies and make regular updates for the prevention of leaks and hacks. You can check independent online reviews for the verification of any claims made.

The auditing record should also have a direct bearing on your VPN selection. Audits will ideally have been carried out by reputable independent organizations, such as PricewaterhouseCoopers. The results should be published in full, with details of any issues that have been identified and follow-up measures taken to maintain data security.

How to choose a secure VPN

(Image credit: Yurchanka Siarhei/Shutterstock)

Check the logging policies

The majority of VPN providers claim that they don’t keep any records of user behaviour. However, you should check whether such claims align with the VPN provider’s data logging policies. They should clearly outline the ways in which your data will be handled, stored, and shared.

VPNs maintaining strict no-logging policies don’t collect user data. This means that they don’t keep tabs on the websites you visit, the searches you make, or the content you download. Adherence to such a policy also means that records of user activity won’t be shared, even if such requests are made by government authorities. And there’ll be no chance of your data being stolen in the event of the VPN provider’s securities being breached.

The VPN should disclose policy exceptions, such as the recording of your email address. Such assurances should also be verified as part of an independent audit.

Investigate the international regulations

Some governments specify that VPNs must maintain user logs covering set amounts of time, with the logs having to be shared in the event of legal action. Laws in such countries also allow for government investigation of VPN user data.


The terms of the five, nine, and 14 Eyes Alliances are such that user data may be shared between member countries, such as the UK and USA. If you’re at all concerned about government intrusion, then it would be worth choosing a VPN hosted in a country outside the alliance.

Bottom line

This article has highlighted the main factors you should take into consideration when choosing a secure VPN provider. However, we’d also recommend you read up further on issues such as how a VPN protects your privacy and anonymity, and draw up a criteria list that you can refer to when reviewing different providers.

What do we recommend?


ExpressVPN stands out from the competition in terms of price, features, and value. With servers in nearly 100 countries, all the security features we mention above, blazing connection speeds, and reliable access to multiple streaming services, ExpressVPN is an excellent choice for those after security with no compromises.

While some users may prefer certain features of other top VPNs, it’s the best overall option for most users – and now Tom’s Guide readers can claim three months absolutely free.