Using a VPN can help unblock services in heavily-censored countries while also securing your network. We spoke to Yaroslav Savenkov, CEO of ZoogVPN to find out more about the company and what security measures companies should put in place to protect themselves from cyber threats.
Please describe the story behind ZoogVPN: What sparked the idea, and how has it evolved so far?
The idea of creating ZoogVPN was born in the early 2010s. We started as a simple VPN provider aimed to break internet barriers after we faced this issue ourselves – the Internet in different parts of the world wasn’t the same and geo-restrictions started appearing. We faced two challenges that we couldn’t stay apart from- security and regional blocks. We understood that it shouldn’t be like that and this time a lot of people tried to find a solution, so plenty of VPNs actually were designed in the early 2010s. We were one of the first companies who offered a commercial solution for streaming and this is how our product (former ZoogTV) was created. We tried to unblock as many streaming services as possible and it was an easy job those times.
So, we entered the market in 2013 to tackle new challenges. Our journey has been both hard and exciting since the very beginning. We’ve designed apps for major devices, created a sustainable solution to get around the blocks of heavily-censored countries like Russia and China, and have done our best to meet users’ expectations. Our engineers and product team were mainly focused on simplicity and affordability to make a seamless customer journey. We are still sure that user experience is the only KPI you should focus on when creating a digital product.
What makes ZoogVPN unique from other VPN services?
Although it’s hard to tell regarding something unique in the market where dozens of VPNs are available, we have something to say here 🙂
- We always follow a user-focused approach. We think about user experience first and we try to listen to our customers. This is a basic principle in software engineering nowadays, but it’s still an issue for some VPN providers. In our market VPNs were mostly created by engineers who understand all ins and outs of the technical side of a VPN. However, as the Internet evolves, people without technical backgrounds also need a VPN. This is where a lot of companies fail because they don’t take real users’ needs into account. We always care about our customers and help them whenever they need our help. We try to educate our customers and explain why VPN is a must not only when you are watching US Netflix, but also when you are just surfing the Internet. So far, we think we do this job well helping usual people to protect their privacy.
- We do believe in users’ privacy. The idea of creating a VPN was just natural for our founders. We saw the real problem and offered a solution to it. A lot of VPN providers joined the market when they saw a real demand for VPNs and huge opportunities here. On the contrary, we focused on tackling real challenges and always had a real idea of free and safe Internet behind our backs. Our mission statement isn’t written for the sake of eloquence, but it illustrates the values and principles our team shares and operates by.
- ZoogVPN is one of the most affordable commercial VPNs. While the 2 aspects above can be questioned by our readers, nobody will doubt that our price is unique compared to other VPN services. We don’t charge too much because we understand that the countries where a VPN is vital for people can’t afford to pay $100 for the subscription. Unfortunately, citizens of countries with strong censorship have very low purchasing power, but the free and safe Internet is an inalienable right they deserve to have. That’s why we always try to make our VPN as cheap as possible and provide a free version for everyone.
Which settings do you suggest for streaming content through ZoogVPN?
Although we try to ensure the best streaming experience for our users, there are some things that depend on them. As for the basic suggestions, we always recommend our users to watch different shows from browsers rather than applications because traffic from specific apps is always different from regular browser traffic. Although it’s sometimes inconvenient, streaming with the browser is easier for every VPN to unblock. Furthermore, a simple suggestion is to use our special streaming servers that are marked with the “ZoogPlay” icon, e.g.:
Some streaming services rely on cache, so clearing the cache before streaming and turning on a VPN can also help. Of course, it’s better to use fast VPN protocols for streaming. When it comes to ZoogVPN, we always recommend using IKEv2 or OpenVPN UDP, because they are both stable and fast to stream content.
With more people working remotely. What security measures are important for companies to put in place?
I am completely sure that companies should establish a well-prepared and deep security system for their products, dashboards, and their employees. Despite the benefits of remote work, on the company level, it creates a lot of vulnerabilities just because somebody doesn’t take security seriously. We even see huge data breaches in such companies as Facebook and LinkedIn. Of course, on the one hand, these companies are valuable targets for hackers, but on the other hand, such leaks are always a result of somebody’s negligence. Taking into account our cybersecurity experience, we can tell for sure that such problems are always connected to the inappropriate approach to security and thoughts like “It will never happen to me”.
As for security measures, I think the key points should be the following:
- Own corporate VPN for employees.
Companies should run their own highly-encrypted VPN server or get a trusted B2B solution from VPN providers. Every employee, in turn, should receive their own configuration. Access to all corporate sources should be restricted to VPN’s IPs only, so somebody outside the VPN network can’t access them. This is a basic principle.
- Corporate emails
When it comes to documentation, different files, and Google services, everything should be bound to the corporate email address of the employee. On top of security, it’s just convenient to revoke access once an employee is fired, for example. If everything is connected to the corporate email address, it’s easy to shut it down when necessary.
- Introduction of basic cybersecurity measures every employee should follow
This is also a very important part of employee onboarding. Every person needs to gather the experience of the company not only in their domain but in cybersecurity as well. A company should explain to everyone what can they do to protect themselves and the company’s data. What’s more, everyone should understand why it’s so important. It’s better to explain to them all the possible vulnerabilities and problems his negligence can lead to. Without a proper understanding, people will just ignore this information. We are sure that companies should start from basics, for example, it’s necessary to tell employees that they should use strong passwords and 2FA wherever possible, they shouldn’t use free software for making screenshots, and so on. As a part of this education, every employee should be a tester of the company’s product. It should be clear for everyone that if you notice an issue or bug, it should be reported to the technical team immediately. That said, a person has to feel their responsibility for everything happening in the company and help fix issues before customers or hackers find them out.
- Encrypted databases and limited access to CRMs
If we are talking about product companies with a great number of customers, the user’s database should be protected well enough. At least, access to this database should be restricted by IP, and no parts of this database should be transferred or exported in files. A huge vulnerability is the list of customers in CRM. During my IT experience, I saw a lot of examples when former employees downloaded customers’ lists and sold them or gave them to a new company for free. When it comes to remote work, it’s very important to sign an NDA with all possible cases addressed.
What threats do you see emerging in the near future?
We are deeply concerned about the number of data breaches we see every day. For instance, there were 1,862 data breaches last year, surpassing both 2020’s total of 1,108. Although it’s not directly related to VPN usage, it shows how companies underestimate their own security. The more Internet allows, the more people join it and use the Internet without any basic knowledge of how to secure yourself on the Web. It leads to gigabytes of leaked information, broken databases, and tons of personal information available for those who want to use it with bad intentions. Unfortunately, we think the number of data breaches will grow until people won’t be taught to use the Internet securely and start thinking about their privacy seriously.
We also care about tightening Internet restrictions in different countries based on the political position of their government. We are concerned that the right to free and uncensored Internet is always breaking in Russia, East countries, and more. We believe that it shouldn’t be like that and restricting access to information, and even shutting down some VPN services doesn’t mean anything good for countries along with their population and it creates lots of threats to people, their opinions, and their abilities to tell their position at least online. Internet was a free space where everyone could discuss everything. Unfortunately, governmental control over the Internet has made this place unsafe and this is what we see now in Russia where a single post on social media can lead to jail. We think that our mission here is to secure people who want to stand out and protest the regime, so our VPN will help at least to secure their traffic and hide them from the government.
What can we expect to see next from ZoogVPN?
It’s hard to surprise someone in this market when some vendors spend millions to improve just one thing their customers won’t probably notice 🙂
Yet, we are happy to announce WireGuard in ZoogVPN which is currently in the final stage of development. We will release this protocol soon. We totally understand that it’s not something new for the VPN market, but a lot of our customers are waiting for it, so the time to release WireGuard has finally come.
On top of that, we are finishing designing a brand-new back-end infrastructure for streaming that will allow us to keep unblocking a lot of services at scale and monitor them in real-time. We hope this solution will fit the needs of our future customers and let them enjoy streaming on budget.
There are also lots of things that we are doing daily to make our website better, handle payments better, add new languages, and more.