Earlier this year the damaging news shook the VPN industry when a data-leak revealed that seven Hong Kong-based free VPN service providers have been logging data on their servers, even though promising a no-logs service - you can read . more on the issue here For a long time, VPNs functioned on a trust basis. Users put faith in their chosen VPN service provider to not store any logs, and transparent providers did their best to live up to the promise of online privacy. However, this is not the case anymore. Over time numerous procedures were developed to ensure the users their service is genuinely logs-free. At NordVPN user trust and privacy is our paramount mission, and in this article, we'd like to outline the exact steps we've taken to ensure our servers are secure, fast, and keep no-logs. Jurisdiction matters When talking about user privacy and server security, there's always a lot of configuration involved. It will be discussed later in the article. But there's one crucial aspect that has little to do with technology - it's the jurisdiction that a VPN service provider operates in. Depending on its geographical location, a VPN service provider can be forced to log data by request of the authorities. Moreover, the 14-eyes countries alliance collects and shares information, and any VPN located in one of those can be requested to log and provide logs. That's why NordVPN chose Panama as its base of operations. This country is not a member of the 14-eyes alliance and is known as an Eden's garden for privacy related companies. Which means we are not obliged by any laws to store user-data on our servers and can guarantee user privacy that a no-logs VPN service provides. RAM-only servers One way to secure user privacy is to ensure no data can be stored on the servers in the first place. And one way to do it is to change server infrastructure to RAM-only servers. In simple words, RAM is short-term device memory, it's much faster than solid-state or hard-disk drives and doesn't hold data for so long. In this particular case, it was a perfect solution for our users. Not only do they get a server infrastructure that is unable to log any data by design, but RAM-only servers are also faster than the regular ones, so we moved all of our servers to this structure. Therefore, even if a server got seized, there wouldn't be any information to extract from it in the first place. Colocated servers When you're handling infrastructure of 5400+ servers, the job of administering each and every one of them is no easy task. Providing servers all around the world are necessary to guarantee such important VPN features as access to restricted content, freedom of speech, and right to privacy. However, it poses a challenge of having to deal with numerous server renting companies in various countries, which we carefully selected to provide the service of sufficient quality. Colocated servers, on the other hand, bypass the need to interact with other business units, and prevent possible third-party failures from happening. Colocated NordVPN servers are owned and managed solely by NordVPN, and we have already launched our first colocated servers in Finland. In the future, we're planning to move all our servers to colocated ones, which will be secured and cared for by our trusted team of cybersecurity specialists. Server variety VPNs let you bypass geographical restrictions, avoid ISP speed throttling, assure more private browsing, among other use cases. Any one-type of server can't excel in all of these things, that's why we have separated and reconfigured some of them to be good at one thing upon users requests. Right now, users can choose between 5 different types of servers: P2P servers for fast and private peer-to-peer traffic; Obfuscated servers should be used where authorities regulate the use of VPNs; Double VPN servers route the traffic through two servers instead of one, maximizing online privacy; Onion over VPN servers benefit from additional encryption and the safety of the Onion network; And Dedicated IP servers provide a static IP address in need. How NordVPN servers work NordVPN servers have been designed to assure user privacy, good connection speeds, and to function with the bare minimum of user data. That’s why authentication servers verify bare minimum user information, such as user’ credentials - that’s how we identify our valid users. First of all, authentication servers verify the user credentials, check their subscription status, and whether the user has reached the limit of concurrent simultaneous connections. After verification is done the user can connect to one of our servers - both of these processes and communication between devices are encrypted. From this point on, we do not see any online activities, and after the session is done, the data is wiped clean because of RAM-only server structure. Upon leaving NordVPN server to its destination, the data-flow is decrypted and routed to the Internet through the NAT/Firewall for a secure connection. Furthermore, once the traffic is sent to its target destination, it has an assigned shared IP address, which makes the possibility to trace online activities back to a specific user an extremely difficult task. Last but not least, we have also cooperated with an independent auditing firm, who - once in November 2018, once in May 2020 - and verified that NordVPN is a genuinely no-logs VPN service provider. audited our servers twice We hope this clarifies the steps we took to ensure our user privacy. More about Nord Security was developed by Nord Security, a multinational company offering everyday cybersecurity solutions. With a growing global user base of 14 million, NordVPN is a leader among VPN providers. To protect user privacy, NordVPN operates out of Panama — a jurisdiction without data retention laws. NordVPN The company has recently been taking big steps towards becoming “more than just a VPN,” with the launch of several features beyond your regular virtual private network. One such feature is , offering ad and tracker blocking and protection against malware. Threat Protection Nord Security offers several other cybersecurity products: — an encrypted password manager NordPass — file encryption and storage NordLocker — a VPN for businesses NordLayer How much does NordVPN cost? has three pricing plans: 2-year, 1-year, and monthly. The 2-year plan offers the best value at $3.29/month for two years (taken as one payment of $78.96). NordVPN The 1-year plan is the second-best option for value, offering 39% off right now. You’ll pay $59.88, amounting to $4.99 per month. You can also pay monthly, but the cost increases to $11.99/month. NordVPN often has special deals and discounts, especially with the 2-year subscription plans. Right now, NordVPN’s “Back to school” offer will save you 65% and gift you three free months of service. All plans come with a 30-day money-back guarantee that’ll guarantee a full refund if you’re unhappy with the service. Customer Support at NordVPN NordVPN offers 24/7 customer support that helps users solve any issues and make the most of their cybersecurity products. You can reach the support team via chat or email. For more information about NordVPN’s products and services and cybersecurity news, visit . You’ll find answers to your technical questions on how to use NordVPN in the . the NordVPN blog FAQ section

Flow

Target

Trace

How NordVPN Helps Keep Users' Data Secure on Servers

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

How The Quarantine Affected Cybersecurity: New Challenges And Solutions

Windows Sticky Keys Exploit: The War Veteran That Never Dies

06/02/2018: Biggest Stories in the Cryptosphere

0-Days are on the Rise and that Means a Lot More Work for SOC Teams

Time Bombs Inside Software: 0-Day Log4Shell is Just the Tip of The Iceberg

The Noonification: How the Liver Transplant System Changed Forever (11/25/2023)

How The Quarantine Affected Cybersecurity: New Challenges And Solutions

Windows Sticky Keys Exploit: The War Veteran That Never Dies

06/02/2018: Biggest Stories in the Cryptosphere

0-Days are on the Rise and that Means a Lot More Work for SOC Teams

Time Bombs Inside Software: 0-Day Log4Shell is Just the Tip of The Iceberg

The Noonification: How the Liver Transplant System Changed Forever (11/25/2023)

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps