VPNSecure promises minimal data logging, collecting only users’ email addresses, passwords, and usernames. However, they had a large data breach last year. In addition, they don’t use encryption when the program is at rest.
Encryption
In Transit |
Yes |
At rest? |
No, if opt for DES-CBC-64 bit option |
All network communications and capabilities? |
Yes |
Security Updates
Automatic, regular software/ firmware updates? |
Yes |
Product available to use during updates? |
No |
Passwords
Mandatory password? |
Yes |
Two-Factor authentication? |
No |
Multi-Factor authentication? |
No |
Vulnerability Management
Point of contact for reporting vulnerabilities? |
Fill out a ticket |
Bug bounty program? |
No |
Privacy Policy
Link |
https://www.vpnsecure.me/terms-of-service/ |
Specific to device? |
No |
Readable? |
Yes |
What data they log |
Username, password, email address |
What data they don’t log |
IP address, connection timestamp, disconnect timestamp, bandwidth, DNS requests |
Can you delete your data? |
Yes |
Third-party sharing policies |
Do not share |
Surveillance
Log camera device/ app footage |
n/a |
Log microphone device/ app |
n/a |
Location tracking device/ app |
No |
Parental Controls
Are there parental controls? |
No |
Company History
Any security breaches/ surveillance issues in past? |
Yes |
Did they do anything to fix it? |
No |
Additional Security Features
Anything like privacy shutters, privacy zones, etc.? |
n/a |