19/07/12

Who’s Watching You on Wi-Fi?

A Coffee Nation hot desk with Cappuccino on tap with free Wi-Fi is very
appealing if you are a business person on the road. However, free WiFi
may have a sting in its tail if you are not the only person looking at
your business data. The upcoming release of Watch Dogs, an action-adventure video game for Xbox360 and Playstation3, shows that the line between reality and science-fiction is becoming increasingly thin.

watch dogs…

… is due to be released in 2013. The game centres on the player’s ability to hack
into various electronic systems, either to obtain and control
information or to destroy those devices completely at specific times. This
is a case of art imitating life, for indeed it is perfectly possible
for any technically savvy hacker to do all of this right now. I’m
betting that if you have any mobile device such as a smart phone,
tablet or laptop, you connect to public, unsecured Wi-Fi access when you
are out of your office. You may also well be aware that
if the Wi-Fi network is not secure you are open to data theft,
especially passwords and private information. You may not be so sure of
why and how much you are at risk.

how well do you understand the risks to your data?

The problem of unsecured wireless networks is a part of the way radios work.
Unless specifically designed to do so, a radio won’t broadcast in any
particular direction. It will send information across the airwaves in
all directions. As a result, anyone nearby can potentially pick up the
data sent by a wireless radio, and if that data is unsecured, it can be
read. Wi-Fi security works by encrypting the data sent. It can still be
picked up, but can’t be easily read because of the mathematical
algorithm used to scramble it.

In truth, obtaining data even over a public Wi-Fi network requires a
certain level of knowledge about software and Wi-Fi scanners which your
average person doesn’t possess. However, the threat of cyber-crime
against business real and is on the increase. See
this article on the BBC Technology website on July 18th 2012: The
government has begun a competition to find people to help defend the
UK’s infrastructure from cyber attack.

be safe not sorry

It pays to be wise before rather than after the event – so here are some
practical steps you can take immediately to reduce the risk to your
business.

  1. Connect to public networks that require passwords when you can, as they tend to be more secure.
  2. Many public networks have a legal disclaimer stating network use and security. It pays to read these before you connect.
  3. Turn Wi-Fi off when you’re not using your device (e.g. smart phone, ipad, tablet, laptop, etc.)
  4. Be aware that if you have WiFi on while connected to another
    network: e.g. mobile data, your device is continuously searching for
    other networks to connect to. Often it will connect to an unsecure
    network, unintentionally exposing your information. You will never even
    know it happened.
  5. Avoid public hotspots. Hotspots are public Wi-Fi connections
    usually provided by a company e.g., many coffee shops and motorway
    service stations offer Wi-Fi hotspots.
  6. Invest in a data connection for your device or a mobile internet
    stick (also known as a mobile broadband stick or USB modem) is the size
    of a thumb drive and connects to your notebook via USB. These are
    considerably safer as the data is encrypted before it’s transferred from
    the radio transmitter cell tower to your device.
  7. Use HTTPS sites wherever possible. HTTPS stands for Hypertext
    Transfer Protocol with Secure Sockets Layer (SSL). In Plain English this
    is a website that has been built with security of user’s data in mind.
    Simply put, HTTPS provides authentication of the web site and the web
    server that you are communicating with. It protects you (the User) from
    being unknowingly duped by an Imposter website site ‘pretending‘ to be
    the correct one and intercepting your data.
  8. HTTPs also encrypts (scrambles) the communications traffic in both
    directions . This protects you against eavesdroppers and anyone
    tampering with and/or forging the contents of your communication. It’s
    not 100% foolproof but in practice does offer the best guarantee that
    you are ‘communicating with the website you intend to AND that your data
    cannot be read or forged by any third party. Many popular websites have
    a HTTPS version that can be accessed by typing in https://www.sitename.com.  Get into the habit of using them when on a public network or connected to Wi-Fi outside of the office.
  9. Use a Virtual Private Network (VPN). A VPN connects multiple
    computers in different locations to the same network, via internet
    connections. Many companies use VPNs to connect with their remote
    offices as the data is encrypted and secure. The main advantage of a VPN
    is that you CAN connect to a public W–Fi network and transfer your
    data using the Free Wi-Fi’s bandwidth.
  10. There are also VPNs that allow you to securely access the Internet
    via a public Wi-Fi connection, while encrypting all data sent and
    making your computer anonymous. If you are a business with staff who are
    out of office a lot take a look at setting up VPN and ensure your
    business data stays secure.

If you’d like to know how we can help, please contact us.