Thanks to the power of public WiFi, it was common for many of us to head out to the nearest coffee shop, order an iced macchiato with an extra shot of espresso, whipped cream, and caramel drizzle, and pop open the work laptop to get stuff done in a cozy, public environment.
Well, it was common before COVID.
Anyways, the public WiFi that made this possible hasn’t always been secure. In fact, it used to be terrifyingly unsecure. It’s better now than it used to be, but your company should have a policy on public WiFi usage. Here’s why.
Imagine mailing a letter to your bank instructing them to transfer funds from one account to another. You would have all sorts of personal information including bank account numbers, maybe your Social Security number and the amount of funds in the accounts.
It’s probably not that hard to imagine. We used to do it all the time – some of us still do. (There are still people who file taxes by mail!)
Now, imagine giving this letter, or your tax documents, to a postal worker and not sealing the envelope! Your letter will be handled by several mailpeople throughout its journey. Any of them could easily read all of the details of the letter and use that knowledge to commit fraud! Or at very least know a lot of personal details about you.
Public WiFi Providers are the Postal Workers
When we use public WiFi, we are essentially giving a letter to the WiFi provider. Maybe the provider is benevolent. Maybe they are malicious. Maybe the WiFi we are connecting to is a fake one (anyone can name their WiFi network “Starbucks”).
Even if you’re using encrypted sites and services on a secure network, the WiFi provider has the ability to inspect the data that it sends. Just like a postal service carrying a letter or package, they will know who the sender is, who the receiver is, and how much it weighs (how much data you are sending). If your applications are not encrypted then you are handing over an open letter – they could look at literally everything!
Worse yet – if you’re connecting to an unsecured network (like xfinitywifi) then it’s like handing over the letter without an envelope at all. Anyone nearby could look at it and see what it says!
Unencrypted websites and applications and unsecured networks are all significantly less common than they used to be, but they still exist.
Rather than relying on the benevolence of public WiFi providers and on every website and application to encrypt their traffic – it is much better to take matters in your own hands.
So what can you do?
1. Use a personal remote hotspot or smartphone tethering.
The first course of action you can take is avoiding public WiFi altogether. Instead of connecting to the Internet via a public hotspot, use a personal data access point or smartphone tethering. This guarantees that you are connecting to a trusted, private network.
There’s no need to worry about the dangers of public WiFi at all – just make sure your personal access point is secured with a good password!
2. Use a Virtual Private Network (VPN).
If you want to maximize your security while using untrusted networks (all public WiFi should be treated as untrusted), use a VPN.
VPNs are tools that provide an additional layer of encryption security to all of your web traffic. VPN providers will host a server (or many servers) in a remote location. The VPN software on your computer will encrypt your traffic and send it to the VPN server, which will then forward your traffic to its destination. Data being sent back to you is encrypted in the same way: first to the remote server and then back to you.
Continuing the letter delivery analogy, the VPN is like a private courier service. Nobody except them can tell who the sender is, who the receiver is, or even what kind of package is being delivered.
Free VPNs might sound like a good deal, but they aren’t making money by providing you a service, meaning they have to make money another way like collecting and selling your data. Avoid free VPNs altogether, with the exception of free/trial tiers of premium VPN services.
Public WiFi Policy for your Businesses
If you have remote workers with mobile devices they can work with from anywhere, your company needs a public WiFi policy. Here are a couple of options:
Option A: Users are not to connect to public WiFi networks. They should instead use a remote access point or smartphone tethering.
Option B: Users are only to connect to public WiFi networks with their company-provided VPN service turned on.
There’s nothing wrong with enjoying the coffee shop atmosphere and a vanilla cappuccino while getting some work done. Just be sure to enjoy it securely!