#My home assistant is supposed to be

1. Yes
2. The VPN is, the HTTP part isn't
3. What are you actually worried about?

Thank you Tinkerer for your quick answer! #2 When you say that my VPN is encrypted and the HTTP part isn't, is that mean that when I communicate with my local devices there is no encryption but when my HA get information from devices connected to the cloud, the communication is encrypted? #3 What I'm actually wondering is, am I exposed to hackers when my HA is accessing cloud services of my devices? I don't won't my HA to be the weakest point of entry to hack into my computer. Sorry for my lack of understanding, but I was always told that when you connect the computer to the internet you need to have a good antivirus and I don't understand why my HA is considered safe when it's local since it still get information from the web. Thanks again!

2. Well, no. That means that your connection to HA, other than the VPN part, isn't encrypted. That's completely unrelated to HA communicating with other things

3. No