Surfshark upgraded its infrastructure to 100% RAM-only servers

Surfshark became one of the first providers in the VPN industry to upgrade the security of its infrastructure with a 100% diskless server network, covering all the 3200+ servers and locations in all countries. In doing so, we’re leading the ongoing pursuit for more private and transparent practices across the field. 

Today, the vast majority of top VPN providers offer strict no-logs policies. However, in pursuit of higher user privacy and security, converting all servers to RAM-only profiles has not become a common practice. Running all servers on volatile (RAM) memory means that any information that would usually be on the hard drive is wiped off automatically whenever a server is turned off.

Why are hard drive servers less secure?

The data stored on server hard drives is mostly operational and is only required to initiate a successful VPN function. Despite this, it could, theoretically, still be accessed in case the servers were seized or taken over by a malicious third party.

Along with that, hard drive servers are less secure because their private keys could potentially be stolen from the server configuration and the attacker could pretend to be a legitimate Surfshark server simply because they would then possess these keys. 

However, moving all the necessary processes to RAM means that no information can be physically taken from servers. Plus, it can be wiped easily and remotely as a part of regular security procedures.

Surfshark is continuously reaching for better security practices in the industry. That is illustrated by being one of the first VPN providers to initiate an independent security audit and launching two-factor authentication on all of its applications.

Our vision is to create the best environment for our users to fully exercise their right to privacy and security. RAM-only servers help us take a substantial step towards that goal.