When considering whether to connect to the public WiFi network at your local coffee shop, the airport, etc., I have two simple words of advice—don’t and DON’T. The massive flaw discovered in WPA2, the encryption standard that secures all modern WiFi networks, launched the possibility that anyone near you could easily access your information if you use a WiFi network. This includes information that was understood as being encrypted. Today’s WiFi standards are flawed and should not be trusted.
One of the biggest threats with free WiFi is the ability for hackers to position themselves between you and the connection point. So, instead of talking directly with the hotspot, you end up sending your information to the hacker. The hacker also has access to every piece of information you send out—emails, phone numbers, credit card information, business data, the list goes on. And once a hacker has that information, you’ve basically given them the keys to the kingdom.
However, despite numerous warnings, headlines, and efforts to educate, many people still don’t understand why connecting to free WiFi is an incredibly dangerous situation regardless of what you’re doing online. And while you may think ‘okay, I’m not checking my personal email or logging into my bank account, I’m just checking the sports scores,’ remember anything you do on a public WiFi network is NOT secure. Any information you share or access on these networks is as good as gone.
If you find yourself in a situation where you absolutely must connect to WiFi (first ask if you REALLY need to connect) here are a few suggestions to improve your safety:
1. Do not touch any of your personally identifiable information (PII)
If you use information over a public WiFi network, you are not treating it like it is valuable. Therefore, if you must use a public WiFi network, avoid touching any PII including banking information, social security numbers and home addresses at all costs. Remember, some accounts require you to enter things like phone numbers when you sign up, so even though you may not remember entering it, you may inadvertently be allowing access to personal information.
2. Use virtual private networks (VPN) instead
A VPN allows you to create a secure connection to another network over the Internet. VPNs can be used to access region-restricted websites, shield your browsing activity from prying eyes on public WiFi and more. They are an excellent alternative to public WiFi networks. While they do cost some money, the peace of mind and additional security is well worth it. Additionally, most employers will equip their employees with a way to connect to a VPN network on the go. And, they should. While employees are on the go and need to access WiFi networks to do their jobs, the company’s data is at a high-risk if they use a public network.
3. Use SSL connections
If you don’t have access to a VPN. you’re not completely out of luck. You can still add a layer of encryption to your connection. When browsing the internet, be sure to enable the “Always Use HTTPS” option on websites that you visit frequently, including any and all sites that require you to enter any type of credentials (most websites that require an account or credentials have the “HTTPS” option somewhere in their settings).
4. Invest in an unlimited data plan
Most of the time, individuals find themselves hastily connecting to public WiFi networks to save themselves from overage charges on their phone bills. But your mobile is just as likely to be attacked as your laptop, if not more. In fact, with the WPA2 flaw mentioned above, Android mobile devices were found to be the most vulnerable. Investing in an unlimited data plan will not only eliminate your need for accessing insecure WiFi networks, it will also often allow you to use your mobile device to create a personal internet “hotspot,” meaning a VPN connection wouldn’t even be necessary.
5. Turn off sharing
Be honest, when connecting to the internet at Starbucks or on the road at the airport, do you really need to have file sharing turned on? Not likely. File sharing is usually pretty easy to turn off from the system preferences or control panel, depending on your OS. Or let Windows turn it off for you by choosing the “public” option the first time you connect to a new, unsecured network.
There may come a time when your only option is an unsecured, free, public WiFi hotspot, and your work simply cannot wait. If that’s the case, understanding the risks of public WiFi may prevent you from falling victim to an attack. Regardless, it’s high time that individuals and employers take the risks associated with our growing use of public WiFi networks more seriously. These steps are simple, easy, relatively inexpensive and could save you from massive amounts of data theft both at home and at work.