The problems associated with working via public Wi-Fi are well known, especially now as workers globally shift to a remote working or hybrid model of office use.
Even though a large number of companies have recognized the advantages linked to remote working and having staff members work from home, many other organizations are putting in place the hybrid working routine that permits employees to be based away from the office for part of their working week at least.
However, there are many things to be wary of when it comes to accessing the Internet via public Wi-Fi networks, one of the most significant being the Wi-Fi access point that people log on to is not the same as the Wi-Fi network of the individual’s employer. It has happened on previous occasions that cybercriminals have created WiFi networks which are designed to look like authentic Wi-Fi access points. This type of connection has been labelled as ‘evil twins’.
Hackers are known to set up malicious proxies, view network activity, and create user redirects to take Wi-Fi users to websites that are loaded with malware. If Bluetooth and NFC are enabled, a hacker could locate nearby devices and download information that could allow them to locate and focus on a specific individual.
There are a range of different tactics that should be implemented to prevent remotely-based workers from sharing their details due to a phishing attack, or otherwise impact their device or their organization’s databases. The most straightforward of these is to restrict or forbid the use of public Wi-Fi networks. However, doing so may greatly impact the productivity of remote workers.
Logging on to a public WiFi network, if there is no other solution available, should only be done if there is encryption and strong authentication in place to ensure a high level of security. It is also wide to make sure that a password is necessary to access the WiFi hotspot.
It is advisable for organizations to implement a variety of different security measures such as setting up a company policy that bans the use of public Wi-Fi networks or uploading any sensitive data on websites that do not begin with ‘HTTPS’. Creating a Virtual Private Network (VPN) for employees with enough capacity to permit everyone to log on at the same time is a smart move as it extends the scope of web filters to remote workers’ devices. This will stop access to web pages known to be malicious and stop malware downloads.
Options like WebTitan are simple to configure so as to secure remote workers’ devices, and filtering controls will then be managed in the same manner as if the employee was sitting at a workstation in the corporate headquarters.
It is also important that cybersecurity best practices are followed like running all patches and software updates once they are available. Multi-Factor authentication should be enabled and anti-malware software installed. Anti-spam services – like SpamTitan – should also be configured to stop email attacks, and firewalls should be switched on to stop unauthorized inbound and outbound connections.