In a business world where organizations expect you to be connected and productive at all times of all days, the convenience of having publicly available wireless networks wherever you are is fantastic! Or is it? The answer is, it depends.
The availability of an internet connection can cut both ways. While it can give you a chance to get your email, send a file out, or do some research, it also may give you the “opportunity” to share all of that information with the world. Hackers snooping on public wifi networks is a very common practice. With very little hardware or software and a quick search on the web about how to set it up, even the most amateur hacker can launch a “man in the middle” attack.
A man in the middle attack is when the hacker gets in between you and the public wifi, or “in the middle”, and is able to see all of your information as it passes by. They often do this by connecting to the public wifi themselves and then setting up their own wifi with a similar name. For example, if you were in Joe’s Pizza and they name of the wifi they were offering was “Joe’s Wifi”, the hacker might setup his as “Joe’s Free Wifi”. As a user, you would not know you were connecting to the bogus wifi if you connected to the new one because you would be able to get to the internet as usual. However, all of the information being passed to the internet passes through the hacker and he can see and capture all of it.
So what can you do to protect yourself? Most importantly, if you are connecting to a business network from a public wifi you should always do so over a virtual private network (VPN). This is a technology setup by the business that protects all of your data from the hacker as it encrypts it along the way in a private tunnel (think of it as your own private highway). If you do not have access to a VPN for public access, the next best thing is to setup your mobile phone as a hotspot and connect to your own wifi from your computer. This will use your mobile data but increasing your data plan would be much more cost effective than losing all of your company’s private data.
This blog post was provided by Michael Giuffrida, an accomplished business consultant with decades of experience helping organizations grow profitably in the IT security space.