Public Wi-Fi is a great tool for checking your email, social media, and browsing the web when you're out and about. However, there are risks attached – especially when accessing the connection for business use.
Whether you're browsing for fun or performing top-secret work on a laptop or tablet for your employer, certain online tasks should never, ever be done over an unsecured network connection. This advice applies to internal, open networks that you might find in a business or office setting too.
Here's a short guide to what NOT to do when you're using a public internet connection.
1) Don't Access A Business Or Personal Bank, Or Secure Remote Storage Accounts
Cybercriminals consider unsecured, unencrypted, high-traffic routers at busy locations such as train stations, airports, and shops, as prime targets for monitoring and data mining. Unfortunately, such public routers are relatively common in the UK due to lax security protocols. As the data passes through in packets, skilled hackers can extract pieces of unscrambled information. When pieced together, the information gathered can then be used to commit serious crimes such as fraud, blackmail, corporate espionage, and identity theft.
Even if the data is encrypted by Secure Socket Layer (SSL) protection, compromised routers can still be used to distribute malware and spyware to target connected devices. Keyloggers can bypass online encryption to gather passwords and usernames at their source.
If you need to access your secure accounts, make sure to use the internal network at your workplace or a secured DSL connection at home (that you trust). Always keep your anti-virus, anti-malware, and firewall software active and up to date. Virtual Private Networks (VPNs) are also a good strategy to keep data secure while in transit.
2) Don't Make Purchases Online!
For very similar reasons, you should also avoid ordering products, making payments, and purchasing digital downloads when using public Wi-Fi. Your payment information and delivery address can be intercepted, allowing criminals to divert funds or steal your business identity to make their own purchases.
Browsing websites such as Amazon (as long as you don't log in) is generally fine. Always use SSL-secure retailers and payment protection services such as PayPal when shopping on a safe internet connection.
3) Don't Enable Automatic Connectivity
Most Android, iOS, and Windows devices can be set to locate and automatically connect to 'open' (WPA/WPA2) Wi-Fi connections. While this is useful for keeping your wireless internet connection up and running or getting online quickly in trusted locations, you should always turn this feature off while walking around in public.
You can avoid automatic logins by disabling the option in the wireless settings menu, or by turning off your device's Wi-Fi transceiver altogether when not in use (which has the added advantage of saving a lot of power).
Automatically joining every network you pass greatly increases the risk that your device will be infected with malware or compromised by spying. Most safe public Wi-fi providers now use a basic, advertised password to prevent accidental logins. A network that is too easy to join should always be treated with suspicion.
Automatic file sharing (whether by Bluetooth or Wi-Fi) should also be disabled on work devices, as it creates an additional, similar vector for malware infections.
4) Don't Leave Your Company Devices Unattended
If you're connected to the internet in a public place, your device can easily be used to make unauthorised purchases and transfer files to a remote source in a matter of seconds.
Leaving a phone or laptop unattended, even for a few minutes, runs the risk that nearby criminals might perform malicious actions under your name, or steal your device. Always keep a close eye on company laptops, tablets, and phones when holding a meeting in a public place.
5) Don't Save Your Secure Logins
For security reasons, logins, passwords, and financial details should be manually entered each time. Website features such as 'Remember Me' or 'Save Password' should be left unticked and unused if possible. Write down your passwords once and store them in a secure, locked location if you struggle to remember them.
Find Out More
Do you need to clear your confidential files from a corporate device before it's recycled or assigned to another employee? At Absolute ITAD, we specialise in secure data wiping, data shredding and sustainable recycling services. Download our free guide to mobile data sanitation to find out more.
Image source: Pixabay