Public WiFi and Privacy: How Secure is Your Data?
** Note ** I’m writing this as someone who is a remote digital worker utilizing SAP cloud and very concerned about security of both my data and my vendor data.
Although widespread use of personal devices and more robust data plans make use of public networks less necessary, there are still times when we have little choice.
Our advice has always been to avoid connecting to public WiFi at all costs. However, remote work, the gig economy, and more business travel mean you may be stuck with the network at the airport or local cafe from time to time. In fact, a recent survey conducted by ITRC discovered that 3 out of 4 respondents admitted to using a free public signal at some point in the previous year.
Freelancers know the struggle when it comes to juggling network availability and security. We’d like to pass some warnings and a few security best practices on to you, dear reader.
The Hidden Danger of Public Networks
The dangers of public networks vary, depending on where you’re connecting. In general, the more people on a network, the more difficult it is to secure. Unlike your router at home, which is easy to protect and has limited access from outsiders, public networks can have hundreds of devices using them at the same time. Just makes sure that you keep your own network accessible only to those with the passcode.
Some companies mitigate this to a certain extent by segmenting their connections to provide separate lines for guest devices and staff. But, networks at places like airports, in libraries, and at other places where lots of people gather and connect typically use the most cost-effective – and potentially insecure – service possible.
There’s a new virus unleashed on the public every 39 seconds. What risks do you incur from connecting to a public WiFi network without protection?
These are the most likely problems, in no particular order:
* Increased login vulnerability through stolen passwords and usernames
* Man-in-the-Middle attacks by hackers who intercept your data while it’s in-transit
* Snooping and spying from governments, employers, and cyber criminals
* Malware infections that are distributed through open network connections
* Ad hoc technology that allows your device to search for available networks
* Exposure to worms that infiltrate and take over your system
* Rogue networks that are set up by hackers and simulate legitimate, safe connections
5 Ways to Secure Your Data
Government agencies are trying to do their part to protect consumers by creating global data protection legislation that governs how websites gather, store, and use your information. However, they can’t do much to protect you from random attacks or data leaks. In fact, only a small percentage of hackers are ever caught and brought to justice.
That’s means personal and business protection are left up to individual website owners we count on for services and our own level of concern.
Despite our best efforts, the cost of data breaches will rise to $150 billion dollars this year. Here are five ways you can protect yourself.
Install a VPN
The most common way computer users protect networks at home and on the go is to install a virtual private network (VPN) on their device. These can be installed on your router at home and on individual devices.
A few caveats about VPNs. It’s okay to find a cheap service provider, but avoid free services. They often make up for the free availability by selling your information to marketers or turn it over to government agencies. A 2020 VPN report by Privacy Canada indicated that various VPNs have country dependent logging policies, in simplified terms depending on the VPN jurisdiction and physical presence they may or may not track your online behaviour.
Look for a company that’s located in a country without jurisdiction in a Five Eyes nation, backs up their promises in writing, and allows multiple device connections so you can take it with you on the go.
Use an Encrypted Browser
Many browsers have an incognito mode, but that isn’t really enough to protect you. Many service providers still sell information to third-parties for marketing purposes. An alternative is a private encrypted browser like TOR.
The Onion Router (TOR) had an estimated 17 million users as of the latest information available. Although this network is known as a gateway to the Dark Web and it’s 60,000+ domains, it’s being increasingly used by those who want to surf in privacy. It’s also an ideal solution for people living in countries where certain websites are blocked, and you can even install it over a VPN for added security.
Use Network Verification
As mentioned above, some cyber criminals create fake networks that they use to lure unsuspecting visitors. In order to make sure that the network you’re connecting to is legit, you can ask the network owner, such as the cafe manager or whomever else is responsible for maintaining public networks at your location for the name of their network. You can also ask the offering IP address for verification.
Once you’ve verified that you’re on a legitimate network, turn off file sharing and WiFi signal search capabilities for the duration of your session.
Avoid Unencrypted URLs
If you look at the URL bar when you visit a website, you’ll notice a little padlock icon and an https prefix just before the IP address. This means that the URL is protected by SSL encryption. It’s not quite as secure as using a VPN or an encrypted browser, but it does provide some protection from malicious code and eavesdroppers.
Use a Firewall
While you have no control over how the administrators of the public network you’re using configure their firewalls, you can keep yours enabled to add an extra layer of protection. Make sure that you have it properly configured and rules set in place to block known and suspected threats from unreliable networks and IP addresses.
In addition to the above tips, make sure to always be aware of your surroundings when using public networks. Shield your device when signing in to accounts. It only takes a second for someone peeking over your shoulder to take a snapshot of your login information.
Never leave devices sitting where someone can view your screen, use two factor authentication for access, and sign out of any accounts that your access from a strange device, such as those available in public libraries and internet cafes.
Whether you’re safe at home with your own ISP or working from a remote location while your travel, protecting your privacy and data is essential. Combining common sense and security best practices will reduce your chances of a data breach and help keep your system safe from viruses.