WiFi hotspots at hotels, restaurants, airports and other public venues have become increasingly popular in recent years. According to the Office for National Statistics, only 0.7 million people were using them in 2007, however in August 2011, that figure had increased significantly to more than 4.9 million. This figure is set to increase even more dramatically leading up to and during the 2012 Olympics.
UK network providers such as Virgin Media and O2 are currently rolling out plans to provide free WiFi networks in public places across London. This is great news for locals and tourists, who will now be able to access the Internet while out and about, travelling in the city, or even whilst they are at the Olympic games. However, people are facing an increased risk of being exploited by hackers as more and more of these public networks pop up.
This will no doubt affect businesses. The number of people using personal devices to connect to corporate networks is rising and businesses face the risk of employees potentially accessing sensitive data whilst using untrustworthy hotspots.
How the hackers can get your information
A recent survey by PricewaterhouseCoopers (PwC) claims that 54 per cent of small businesses – and 38 per cent of their larger peers – do not have a security awareness programme in place. More WiFi hotspots will become available, giving more hackers the opportunity to set up fake versions of these hotspots.
So now is the time to be talking to your employees about security. Make sure your employees are aware of the different threats out there and give them simple tips to ensure safe surfing when accessing a WiFi hotspot. Employees need to understand issues such as the following, which can compromise the security of their personal data as well as corporate data:
- Easy passwords: The most basic but crucial step to protecting yourself online is to practice good password management techniques. Research shows us that majority of people still choose a simple word that is easy to remember, such as their name or initials, a child’s name or birthday, or even something as basic as ‘password’, or ‘12345’, which can easily be guessed by a hacker.
- Keylogging: Keylogger scammers use software that logs keystrokes without the user’s knowledge and conveys the data to a hacker who can then use the information to access bank, credit and ecommerce accounts.
- Unauthorised access points: Hackers can also set up unauthorised access points, asking you to enter your details and a password. Spotting an unauthorised access point is not always easy. People are always in a rush to enter their logins and need to be aware that unauthorised access points could appear anywhere, even as you log into your mailbox. Tell your employees to be on the look out for pop-up checkpoints.
Here are 5 tips you can share with employees to make sure they keep safety conscious on public WiFi hotpots:
1. Use strong and different passwords
Don’t use the same password for every account. If a hacker gains access to that password, then they could have access to all your other accounts. Passwords should consist of complicated number and letter combinations, and not include information that can easily be found and pieced together from social networking sites.
2. Consider a password management tool
There are a wide range of password management tools available for all types of devices. A password management tool can be beneficial as it means you don’t need to remember complicated passwords or manually fill in form information on a number of accounts. Typically you only need to remember the one master password, and then all the rest is automatically filled in for you. Password managers also help ensure you won’t fall victim to keylogger scams, as you don’t have to type in your individual passwords and any other personal information.
3. Check your automatic functions
Remember to deactivate auto detect and automatic connect functions and turn your WiFi off when you are not using it. Even if you aren’t surfing the Internet, hackers can still access your computer via the WiFi connection.
4. Check if the site is encrypted
Find out if the site you’re on is encrypted or not. If it has HTTPS rather than just HTTP in the URL or a padlock symbol at the end of the address bar, then your activity on that site will be encrypted and everything you do on there is confidential. Also, don’t let the browser save your login details when you log in.
5. Avoid using the connection if you can
If you do log on to a public WiFi hotspot, then be careful what you do over the Internet connection. Be weary of sending sensitive information via instant messaging or emails. Don’t send things like bank account details or sensitive corporate information unless you are sure the connection is secure.