The Dangers of Free Public Wi-Fi: How To Protect Your Network

February 2nd, 2016 by admin

Light blue depiction of a wireless symbol

How dependent have you and your employees become on public Wi-Fi outside the office? Mobile hotspots are almost everywhere now—from coffee houses and fast-food restaurants to hotels and airports (and even aboard most planes). Without Wi-Fi access, many of us feel alarmingly "disconnected"—as if we've driven 20 miles before realizing we left our phone at home! (Can you recall where and when you last saw a pay phone?)

Risky Business

We've come to rely on free Wi-Fi for its sheer convenience, but how secure is it, exactly—particularly for business purposes? Actually, not much at all.

Most commercial-grade public Wi-Fi has been made as technically simple as possible to maximize the number of simultaneous users and avoid connection issues which might require a time-consuming call to a Help Desk. There are no cumbersome firewalls, encryption, or other standard frontline defenses you'd expect from your company's onsite network.

Even a public hotspot requiring a password offers little real security if all users use the same common login. This makes free public Wi-Fi an especially inviting target for hacking. A minimally-skilled cyber-crook can eavesdrop on Wi-Fi data traffic via black market software on a tablet hidden in a backpack, while a more sophisticated hacker can go as far as creating a bogus duplicate hotspot for users to mistakenly log into. Once connected, the hacker has free reign over the user's personal data—email, social media, bank accounts, and more—as well as any important business files (even if they're not open at the time). The vulnerabilities of public Wi-Fi are the weakest link in your IT security chain.

Saving Private Data

What's the best defense against malicious Wi-Fi snooping? If you aren't familiar with VPN (Virtual Private Network), your company is already at serious risk. A VPN server essentially acts as a third-party "buffer" between a mobile device and the company network (or the at-large Internet). Using a VPN app installed on the device, the Wi-Fi user connects to the company's VPN instead of connecting directly to their usual browser homepage. The VPN then thoroughly encrypts all end-to-end data traffic to and from the user's mobile device. If a hacker intercepts that Wi-Fi data stream, they'll only receive unintelligible gobbledygook.

Adding a VPN layer of security is relatively painless. A VPN option is actually built into Windows (do a file search for "VPN"). There's also a wide range of VPN client/server software and real-time services from trusted vendors, or a custom solution can be developed, typically based around SSL (the same level of security most banking sites use) or other advanced protocols.

Are your employees unknowingly putting your company at risk whenever they flip open their laptop at the coffee shop down the street? Feel free to share your concerns with us.

Posted in: Cyber and Data Security