Awareness : Security Awareness Tips

Public Wi-Fi Safety

Public Wi-Fi is very convenient for anyone looking to surf the web while on a lunch break or while at a coffee shop.  It is so widely used and yet not everyone knows of the security dangers.  Many people check their bank accounts or go shopping online while on a public Wi-Fi not realizing that someone can be snooping on their activity.

While at a coffee shop an attacker can fool a user into connecting to an “Evil Twin” Wi-Fi access point.  The name is usually similar to the one at the coffee shop but it is set up to eavesdrop on wireless communications.  The hacker may even position the access point closer to where people are using their computers.  This will make the signal stronger fooling the user to believe it is the legitimate provider.

Once the hacker has access to your computer they can launch a Man-In-The-Middle Attack.  This allows the hacker to eavesdrop on traffic and steal passwords.  Sniffer Software can also be used to monitor computer traffic as well.  They can eavesdrop on emails, chats; collect log-in and other personal information.

Here are a few tips to help you not become a victim.

  1. Make sure you connect to the right network.   Before connecting to a public Wi-Fi, ask an employee to make sure you are selecting the correct one.
  2. Turn off Sharing.  At home, users share files, printers and even allow remote login from other computers.  When you are in a public place it is important to turn off sharing because anyone can access files especially when they are not password protected.
  3. Enable your firewall.  A firewall manages incoming and outgoing connections.  Most operating systems include a firewall.  On Windows, you can find the firewall settings in the Control Panel under System and Security.  Click on Windows Firewall to see if it is on.
  4. Hide Folders.  In Windows you can hide folders with sensitive data.  Right click on a folder containing sensitive data.  Click “Properties” then check the “Hidden” button.  Then go to “Windows Explorer”, click “Organize” and select “Folder and Search Options”.  Go to the “View” tab and check “Do not show hidden files, folders, or drives”.
  5. Use a VPN.  A VPN routes traffic through a secure tunnel even when you are on public Wi-Fi.  Free VPNs do exist but a paid service will ensure the integrity of the connection.  If you will be working away from the office ask your IT department if they offer a VPN service so that you can access the network remotely.
  6. Use HTTPS and SSL when possible.  HTTPS and SSL are used to make connections more secure.  For example, Gmail can be accessed through http://www.gmail.com or https://www.gmail.com.
  7. Do not automatically connect to available networks.  Disable the option to automatically connect to an available network.  This will reduce your risk of accidentally connecting to a malicious network. 
  8. Use different Passwords.  Using different passwords for each online account is important if one of your accounts becomes compromised.  By hacking into one account they will have access to your other online accounts if the passwords are the same.  A password manager can help you keep track of all your passwords.
  9. Keep Software up to date.  Update your operating system, anti-virus, and web browser software.  These are important because they are fixing security holes.  Once these patches are available to the public, everyone knows the security issues they are fixing.  If you postpone updating your software your computer may easily become a target.
  10. Use Two-Factor Authentication.  This means that you need two pieces of information to log in.  For example one could be a password and the other could be a code sent to your phone.  Each time you log in from another computer you will be asked for both.
  11.  

For more Information:

Posted: November 5, 2013