Thanks to the hurried lives we lead, most of us also like to squeeze in some of the leftover work while we’re sitting in a café or waiting at the airport. This is especially true for the managerial roles, when you’re essentially on the clock 24/7.
Without reliable public wi-fi connection, which are dime a dozen nowadays, that would be impossible. However, few of us pay attention to network security while we’re at it. The thing is, it could be hazardous to both your personal and your company’s data.
There’s a lot that hackers can do on unsecured networks. In fact, ‘hackers’ is too strong a word. Almost anyone with a laptop and the proper software tools can do it. It’s called wi-fi sniffing: the hacker connects to the network and listens to all traffic coming to and from your device, performing the so called “man-in-the-middle” attack.
Sounds dangerous? Because it is. All your unencrypted Internet activity is plainly visible to the attacker. What’s more, there’s no way you can tell it’s happening – everything appears normal to your PC. Attackers can also install malicious software to your PC quite easily that can be later on used to spy on you, or even spread to other computers once you return to your office.
More advanced methods include the creation of fake wi-fi networks, where criminals control the network itself, much to the same effect as sniffing. This puts all the information you send – log-ins, company passwords, e-mails, files, photos, etc. right into the hands of hackers.
What about HTTPS?
HTTPS is exactly the protocol you need for browsing on public networks. It is made to be safe and allow for privacy even when you know that the wi-fi network you’re connecting over could be public. So, what’s the deal with it?
Well, you can recognise HTTPS websites in your browsers by looking at the padlock near the address bar. If it’s there, the connection is encrypted. Properly encrypted connections to websites are perfectly safe and would take hackers thousands of years to break.
However, attackers can try to redirect the website login page from HTTPS to HTTP protocol with tools like sslstrip when you’re connected to a compromised hotspot.
Additionally, some websites don’t use HTTPS during the whole session, but restrict it only to the login process in order to ease the load on their servers. While your login information is still safe, the attackers could recover your session ID and steal your cookies.
If you absolutely cannot go without accessing sensitive data, get a VPN subscription and use it to browse. Your data will be strongly encrypted. That’s the most foolproof way of ensuring your information is safe.
Also, turn off Wi-Fi on your devices when not in use. Smartphones and tablets are especially happy to seamlessly connect to any Wi-Fi network in range. They could send sensitive information if some shoddily coded apps were to communicate with the server. It’s best to exercise caution.
When connecting to the public networks with your laptop, always set the location to ‘public’. This will prevent other computers on the network from seeing you in their network list. Additionally, Advanced Sharing Settings in the Network and Sharing Center option in the Control Panel allows you to fine-tune the options for sharing. We recommend you turn off network discovery and file and printer sharing, unless absolutely necessary. (It usually isn’t).
For good measure, set up a firewall. Even the default Windows Firewall works fine, but make sure it’s switched on. You can use the firewall to block a potentially sensitive background program from accessing the Internet when connected to the public Wi-Fi.
Time for a Break
The best thing you can do is – take a break. Don’t push your employees to work in public places or while they’re away. It’s good both for their well-being and that of sensitive data. Instead of stressing over the security of your connections, let them relax and work in proper conditions. The potential risks and headaches are just too numerous to ignore.
If you decide to, however, you’re in plentiful company. Surveys in Australia have shown that more than 25 percent of public Wi-Fi users sent bank or PayPal transactions via public Wi-Fi, with half that number performing work-related tasks. Many are aware of the risks, but choose to ignore them. For some, the learning experience will be very expensive.
Public Wi-Fi is a convenience we take for granted, but it does come with certain risks. Even though the chance of coming across compromised and malicious networks isn’t large, why risk it? The consequences can be catastrophic if that happens to your employees. It’s best to use public and free Wi-Fi for regular, public browsing. Some things are best left for the home or office. The same applies to Internet services as well.