Public Wi-Fi is very convenient, but it can also be a dangerous place for your devices without the correct procedures in place.
In fact, public Wi-Fi hotspots are inherent security risks – you don’t necessarily know who has set them up, who else is within the network, and whether they’re safe (even with password protection).
The only person who is responsible for your activity on public Wi-Fi is yourself, and there are a number of best practices one can take to mitigate risk.
With this in mind, we have compiled five top tips to help you stay safe on public Wi-Fi.
Verify network legitimacy
Always check the wireless network name and verify with an employee that the wireless network has been set up by the business (e.g. coffee shop Wi-Fi).
Hackers are opportunists, and one method they use to harvest data is to create a Wi-Fi ‘honeypot’ hotspot. These are often not password protected and are set up in busy public places where the need for Wi-Fi is greatest, such as airports or city centres.
Posing as a legitimate community resource, Wi-Fi honeypots are used by hackers to intercept network traffic and harvest both personal and business data.
Therefore, it is essential that you know whose network you are using and preferably only use password-protected Wi-Fi networks – or else, you never know who is watching.
Use a VPN
A Virtual Private Network (VPN) encrypts data travelling to and from your device and is a must for conducting business or communicating with confidential data over public Wi-Fi.
Acting as a protective tunnel between your device and a larger, more secure network, a good VPN masks your IP address, your true location, and all of your internet activity from prying eyes, meaning it is much harder for a cyber criminal to intercept your data.
However, some VPNs are more secure than others, and there are people who will use false VPNs to steal your data.
If you do opt to use a VPN, then make sure that the service is provided by a reputable company.
Only browse HTTPS websites
When browsing the internet, you may notice the green padlock icon in your address bar with HTTPS (also known as an SSL certificate) before the web address.
This means that communications between your browser and the website are encrypted. Encryption makes it very difficult for cyber criminals to access the data passing between your device and the website, because the information is scrambled behind randomly generated numbers.
Accessing websites without an SSL certificate on a public network is highly dangerous. Essentially, simply visiting a website without HTTPs leaves a web footprint behind, potentially allowing anybody to spy on your browsing history and identify you.
No SSL certificate also means that criminals can potentially hijack web pages and re-route the URL to a seemingly identical page riddled with malware.
It goes without saying that you should never make transactions or transmit confidential information over a website without an SSL certificate, but this is even more important on public Wi-Fi.
Whether it’s personal or financial, anybody could access your data. Even data that is not confidential can be used to identify individuals, so it’s recommended that you avoid websites without HTTPS entirely.
Note: HTTPS does not guarantee website safety, but the encryption factor does make the site far more secure than a HTTP site.
Secure your device
Your device is potentially vulnerable on a public network, so you must treat public Wi-Fi differently to your business network.
For example, regardless of whether you use public Wi-Fi or not – equip your devices with all of the requisite cyber security solutions available on the market. This includes endpoint security, network security, and email security, amongst others.
You should also use multi-factor authentication (MFA) for your accounts. MFA, the layering of security with two methods or more, means that even if your login credentials are compromised, you can still deny attackers access to your accounts because they lack a code or even a biometric scan unique to you.
One method that often gets forgotten about it ensuring that File Sharing is disabled on your PC and that AirDrop is disabled on your iOS/Mac. This will prevent people nearby from potentially stealing your files.
With public Wi-Fi, there are all sorts of factors that are outside of your control, but a device configured properly with a range of cyber security solutions and best practices will make your files and data far more secure.
Never assume confidentiality
Finally, regardless of the steps you take – never assume confidentiality.
All of the above recommendations are minimum standards to meet when conducting business on a public network.
However, whilst they are effective steps to take, never assume that you’re 100% safe. If you do not need to make transactions, transmit confidential data, or visit a website without an SSL certificate, then do not do it – wait until you are on a secure, private network.
Alternatively, you can use your smartphone as a secure, portable Wi-Fi hotspot. Be warned though, this method does require a large data plan so check your mobile data allowance beforehand.