VPNSecure promises minimal data logging, collecting only users’ email addresses, passwords, and usernames. However, they had a large data breach last year. In addition, they don’t use encryption when the program is at rest.
Encryption
| In Transit |
Yes |
| At rest? |
No, if opt for DES-CBC-64 bit option |
| All network communications and capabilities? |
Yes |
Security Updates
| Automatic, regular software/ firmware updates? |
Yes |
| Product available to use during updates? |
No |
Passwords
| Mandatory password? |
Yes |
| Two-Factor authentication? |
No |
| Multi-Factor authentication? |
No |
Vulnerability Management
| Point of contact for reporting vulnerabilities? |
Fill out a ticket |
| Bug bounty program? |
No |
Privacy Policy
| Link |
https://www.vpnsecure.me/terms-of-service/ |
| Specific to device? |
No |
| Readable? |
Yes |
| What data they log |
Username, password, email address |
| What data they don’t log |
IP address, connection timestamp, disconnect timestamp, bandwidth, DNS requests |
| Can you delete your data? |
Yes |
| Third-party sharing policies |
Do not share |
Surveillance
| Log camera device/ app footage |
n/a |
| Log microphone device/ app |
n/a |
| Location tracking device/ app |
No |
Parental Controls
| Are there parental controls? |
No |
Company History
| Any security breaches/ surveillance issues in past? |
Yes |
| Did they do anything to fix it? |
No |
Additional Security Features
| Anything like privacy shutters, privacy zones, etc.? |
n/a |
