Businesses should ensure their employees are being safe and smart when using public wi-fi networks because they are unsecured networks for public use. Using public wi-fi could compromise your entire internal network, if there is a breach.
Once you are on a public wi-fi network, anyone else on that network can potentially see your device. Some people believe that if they change their device configuration to “public network” it protects them but this is not the case. Cyber criminals have network analysers on their smart phones to see what operating system and IP address people are using, to engage in attacks on their system.
Further, anyone on the network can see and explore the device. Traffic can be intercepted stealthily, creating opportunities for malicious activity such as man–in-the-middle attacks, and identity and data theft. With many professionals using public wi-fi to conduct business in an increasingly mobile world, businesses must consider whether the risk is acceptable.
Some activities that employees should avoid include:
- Logging into personal accounts that they don’t want others to gain access to. Public networks let hackers see log-in credentials and save them for later.
- Banking or actions that involve personally-identifiable information. Common mistakes include checking bank statements, credit card accounts and logging into personal and professional email accounts through web browsers.
- Logging into business accounts. Just as with banking, cyber criminals can intercept credentials and access employers’ systems.
- Sending messages over Facebook, Messenger, Skype or any other instant messaging system. These are transmitted without encryption and can be easily viewed.
A recent survey found that 95.6 per cent of respondents used public wi-fi to carry out work tasks.* While most employees can see the risk of using public wi-fi, they want this functionality and believe their need for conducting business is greater than the need to protect the data. Alternatively, they believe that they won’t be a target so they will use it anyway.
Many businesses are failing to ensure that mobile devices are secure whether they are company-issued or BYOD. Many have little or no security, no passwords set up, no encryption and no security software. This put the company, the employee and customers at risk of suffering a cyber attack.
While public wi-fi may be convenient and can add business value, employees should be mindful and take precautions. If possible, employees should wait until they are back in the office or can access a secure wi-fi connection before accessing sensitive files or systems.
* http://www.gfi.com/blog/survey-95-6-of-commuters-in-the-us-put-company-data-at-risk-over-free-public-wi-fi/
Sean Murphy, ANZ Channel Community Executive Council Member and Owner, Nexus IT
