As world cup fever grips the world, spare a thought for the millions of tourists in Russia who could potentially become the victims of hackers. The UK’s National Security Centre published steps tourists in Russia need to take to ensure their data remains their data. One key tip was to avoid public WiFi networks and not have a one word fits all account password.
BUT this is not just true for large sporting events, this happens all the time in all types of public places. In fact, the World Economic Forum even ranked cyber-attacks as the third greatest global threat, right after extreme weather and natural disasters.
You, like many of us, when you arrive somewhere new, like a hotel, café, get on a train, plane or at a meeting, want to get online within the first few minutes.
BUT how secure do you think that free WiFi is? Is it even the free WiFi that you think it is?
Criminals can listen in to your free WiFi connection. Criminals may well ‘be’ your free WiFi.
Avoid public Wi-Fi networks when you can. Even if you think you're somewhere safe, like having a coffee in your favourite coffee shop, or in a hotel lobby it's not worth the risk. You don't know who else is sitting there also, and you don't even know whether the network you're connecting to is legitimate. After all, it's not hard for a hacker to create a hotspot with the name ‘Hotel Free Wi-Fi.’
If you absolutely have to connect to one, don't do anything sensitive. If you really need to, then avoid sites that require you to log in. Browse information only. No logging in anywhere.
So what’s the solution?
- Use your mobile device by tethering or invest in a WiFi dongle. 4G is widely available and much more cost effective than in the past. 3G/4G is also far more secure than public Wi-Fi are portable hotspots, the pocket-sized devices you can buy. They give you a secured individual Wi-Fi connection around the world, so you can connect to the internet without using international data or open Wi-Fi.
- Use VPN technology. Think of a Virtual Private Network as a tunnel that encrypts all your data as it passes through and scrambles your location (by changing your IP address), even if you are connected to the internet through a public network. No one, not even the internet service provider, will know what you're sending across the network. But the most important thing to do is make sure the one you choose has a no-log rule—that is, they don't keep records of your use and traffic.
- If a website starts with ‘ https’ it means it's encrypted, making your browsing more secure. If it's missing that "s"—for secure—anyone can see what you're doing. To be safe, install HTTPS Everywhere as an extension into your browser.
ISO 27001 WiFi Security
So what does ISO 27001 have to say about WiFi security and what should business be doing and advising? Well ISO 27001 is the international standard for information security. It is an information security management system. Part of it looks at how we would safely use free WiFi.
ISO 27001 Policy Document WiFi Security
Having an ISO 27001 policy document that covers how you will plan WiFi networks and public networks is your first step. Implementing ISO 27001 and gaining ISO 27001 certification is becoming a must have for business. ISO 27001 certification is quick, simple and affordable and we are here to provide you the essential protection of your data in a low impact, pain free approach.
If you would like to find out more about how to ensure your team is keeping your critical company data safe whilst on the move, then get in touch with CT today.
- Recent Posts
- Exchange 2010 End of Support Is Coming
- Chris Barr, Technical Director, Answers your Critical MS End of Support Questions
- Why you should consider a strategic IT review in 2019
- General News (82)