Public Wi-Fi hotspots can be a lifesaver when working on the go. Keep in mind, however, that data sent through a public Wi-Fi network is inherently more vulnerable; cybercriminals are known to spy on public Wi-Fi networks, meaning that mobile users are at a greater risk of having secure personal or business data compromised. These risks are compounded when a laptop computer or mobile device is not protected by anti-malware and Internet security software.
Protect your data when you are out of the office by staying aware of the risks involved, and consider the following public W-Fi security tips when accessing the Internet.
Ask someone official for the Wi-Fi network name. Check with a staff member before accessing what you believe to be the free public Wi-Fi hotspot for the location you’re in. This helps confirm that you are not joining a fake or malicious network hosted by a hacker looking to trap users.
Use a virtual private network (VPN). Think of a VPN as an encrypted tunnel through a public Wi-Fi connection to a private router physically located back at your office, home, or some other secure location. For this you will need a business-class router with Layer 2 security features deployed in your home or office. There are several resources online that guide you through configurations for deploying VPN.
Avoid certain types of Web browsing. In the event that a cybercriminal is able to see your keystrokes while on a public Wi-Fi connection, things like online banking are best reserved for a home or office network. Some security experts advise avoiding entering e-mail passwords, but let’s be realistic about why a business user would need to access Wi-Fi in the first place. Changing your password for any program you log into on a public Wi-Fi network is a good idea.
Use two-factor authentication wherever possible. Gmail and social media sites like Facebook and Twitter offer users a practical way to add security to their username/password combination by sending a one-time passcode to a mobile phone or another device.
Use 3G or 4G for sensitive browsing. Many times it is worth the data costs to use a cell phone provider data plan for the built-in security especially when dealing with sensitive information like banking. Take advantage when available.
Uncheck Connect Automatically Features. In Windows, when you are done with the public Wi-Fi network, uncheck the box next to the network name in Control Panel > Network Sharing Center—and also disable the checkbox that says “Remember networks this computer has joined.”
In OSX, this is under System Preferences > Network > Wi-Fi > Advanced and uncheck “Remember networks this computer has joined.”
On Android, simply press and hold the network name and select “Forget This Network.”
On iOS, is this located in Settings > Wi-Fi networks > “Forget this Network.”
The underlying principle here is that a user should remain suspicious of any public network at all times. Vigilance and mindfulness of security risks should dictate online behavior in every situation that involves an open public Wi-Fi network.
Related content
- You’re Making Password Security Mistakes
- [Infographic] Use Your Entire Network for Protection
- Detect and Remove Adware Like a Pro
Let us know of any public Wi-Fi security tips that we may have overlooked in the comments.
You left out the biggest hole – browsers that use wpad.dat via dhcp/dns.
Unlike esoteric methods involving ssl bump to proxy http so traffic transparently, when your browser follows that breadcrumb to the proxy server, it is then considered an explicit proxy connection – no messy mitm hoops to jump through to decrypt your traffic – it’s all laid bare.
Few people close this privacy hole, which is good for me.
Just using wpad.dat, and sending all port 80 traffic to the proxy, I pick up 90% of http and 80% of http a traffic.
(The traffic that isn’t going through the proxy is from folks using their own vpn connections, which I encourage.)
It lets me see what my users are up to so I can tune and tweak my advertising and malware filtering to better shield them.
Not everyone running a transparent proxy has your best interests at heart, so don’t be a sap.