Many people don't think twice about logging onto Starbuck's free wi-fi or using their hotel's wireless network when traveling, but the truth is, although public wi-fi hotspots
like these are very convenient, they also carry a lot of risk. Open wireless networks are prime targets
for hackers and identity thieves. Before you connect to a wi-fi hotspot, use the security guidelines below to protect your personal and business information, as well as your mobile devices.
Disable Ad-Hoc Networking
Ad-hoc networking creates a direct computer-to-computer network that bypasses typical wireless infrastructure like a wireless router or access point. If you have ad-hoc networking turned on, a malicious user may gain access to your system and steal your data or do pretty much anything else.
- Turn off ad-hoc networking in Windows XP by going to your Wireless Network Connection's properties and make sure you have "Access point (infrastructure only)" as the one option selected for type of networks to access. Kenyon College has visual instructions for turning off ad-hoc wireless for Windows XP, Windows 7, Vista, and Mac operating systems.
Do Not Allow Automatic Connections to Non-Preferred Networks
While you're in the wireless network connection properties, also make sure the setting to automatically connect to non-preferred networks is disabled. The danger if you have this setting enabled is that your computer or mobile device may automatically (without even notifying you) connect to any
available network, including rogue or bogus wi-fi networks
designed only to lure unsuspecting data victims.
- In Windows XP, make sure the checkbox that says "Automatically connect to non-preferred networks" is not checked (About's Wireless/Networking Guide has steps for disabling auto-connect for Windows XP); Windows 7 and Vista by default prompt you to approve new connections. Also make sure you only connect to known, legitimate networks (ask the hotspot provider for the SSID if you are unsure).
Enable or Install a Firewall
A firewall is the first line of defense for your computer (or network, when the firewall is installed as a hardware device), since it's designed to prevent unauthorized access to your computer. Firewalls screen incoming and outgoing access requests to make sure they are legitimate and approved.
- Both Windows and Mac operating systems have built-in firewalls that you should make sure are enabled, especially before connecting to a public wi-fi hotspot. You can also install third-party firewall software if you need more granular control of the firewall settings or rules.
Turn file sharing off
It's easy to forget that you have file sharing turned on or files in your Shared Documents or Public folder that you use on private networks but wouldn't want shared with the world. When you connect to a public wi-fi hotspot, however, you are joining that network and may be allowing other hotspot users to access your shared files.
- Before connecting to a public hotspot, make sure you disable file and printer sharing (disable sharing in XP in the network connection's properties; Windows 7 and Vista will turn off discovery for you if you specify the network is a public one, but you can check the Network and Sharing Center to make sure).
Log On Only to Secure Websites
The best bet is not to use a public, open wi-fi hotspot for anything that has to do with money (online banking or online shopping, for example) or where the information stored and transferred may be sensitive. If you need to log in to any sites, though, including web-based email, make sure your browsing session is encrypted and secure.
- Check the address bar to see if it starts with HTTPS (encrypted) rather than HTTP (not encrypted) and/or if there is a padlock in your browser's status bar. Note that some webmail programs encrypt the login page but not the rest of the browsing session -- make sure the setting in your email program requires using HTTPS or SSL encryption for the entire interface; Gmail has this option.
- Most instant messaging programs are also typically not encrypted; Aim Pro is one business-friendly IM program that can send instant messages over a secure connection.
creates a secure tunnel over a public network, and therefore is a great way to stay safe when using a wi-fi hotspot. If your company provides you with VPN access, you could, and should, use the VPN connection to access corporate resources, as well as create a secure browsing session.
- Remote accesss solutions such as LogMeIn can also create a secure tunnel to a second computer at home, from which you can access files or use do other computing.
- You can also use a free personal VPN service like Hotspot Shield, designed specfically to protect you when using an unsecured network.
Beware of Physical Threats
The risks of using a public wi-fi hotspot aren't limited to fake networks, data intercepted, or someone hacking your computer. A security breach could be as simple as someone behind you seeing what sites you visit and what you type, a.k.a. "shoulder surfing." Very busy public locations like airports or urban coffeeshops also increase the risk of your laptop or other gear getting stolen.
- For these reasons, you need to also keep in mind physical security measures like laptop security cables and laptop privacy screens.
Note: Privacy Protection Isn't the Same as SecurityOne last note: There are many applications that help you mask your computer address and conceal your online activities, but these solutions are only meant to protect your privacy, not encrypt your data or protect your computer from malicious threats. So even if you use an anonymizer to hide your tracks, the security precautions above still are necessary when accessing open, unsecure networks.