Today, the vast majority of top VPN providers offer strict no-logs policies. However, in pursuit of higher user privacy and security, converting all servers to RAM-only profiles has not become a common practice. Running all servers on volatile (RAM) memory means that any information that would usually be on the hard drive is wiped off automatically whenever a server is turned off.
Why are hard drive servers less secure?
The data stored on server hard drives is mostly operational and is only required to initiate a successful VPN function. Despite this, it could, theoretically, still be accessed in case the servers were seized or taken over by a malicious third party.
Along with that, hard drive servers are less secure because their private keys could potentially be stolen from the server configuration and the attacker could pretend to be a legitimate Surfshark server simply because they would then possess these keys.
However, moving all the necessary processes to RAM means that no information can be physically taken from servers. Plus, it can be wiped easily and remotely as a part of regular security procedures.
Surfshark is continuously reaching for better security practices in the industry. That is illustrated by being one of the first VPN providers to initiate an independent security audit and launching two-factor authentication on all of its applications.
Our vision is to create the best environment for our users to fully exercise their right to privacy and security. RAM-only servers help us take a substantial step towards that goal.