Great guest post from the guys at Corrata, who offer organisations control over employees’ use of mobile to tackle the explosive growth in mobile data costs and security threats.
How to make sure your staff’s summer browsing doesn’t ruin your business
The three things you need to be aware of, to keep you, your staff, and your company safe.
It’s the time of year when everyone’s heading off for a well-deserved break at their favourite holiday hotspot. And while they may be away from the office, it is a rare employee these days that doesn’t take their main communication device away with them. This could be their smartphone, tablet, watch or anything else they can use to go online. This, as we all know will lead your staff to seek out the most convenient high-speed access they can find. Inevitably this means using free public Wi-Fi at airports, tourist information centres, cafes, bars and lots of other places.
How should you protect your company data in these circumstances? Is it enough to advise your employees to always use password protected Wi-Fi hotspots provided by reputable brands? Unfortunately, it is much more complicated than that. In this blog post, we’ll explain why and make some suggestions about practical steps you can take to reduce the risk from ‘vacation time Wi-Fi’.
The danger of public WiFi
It’s is important to understand that even if you are using a public Wi-Fi connection which is password protected your online activities are still vulnerable. If the network is public then hackers can access the network too. It is always better to assume any public Wi-Fi network is a high-risk place to go online and that your traffic will be exposed to sniffing (i.e. potentially monitored by unauthorised third parties who you don’t want to see your data). Strong Wi-Fi encryption (such as WPA2) helps but there are plenty of other vulnerabilities that can still be exploited by hackers. The reason for this is that public Wi-Fi at hotels, coffee shops and other places are often administered by staff without a strong technical IT experience or security knowledge. Systems can easily be misconfigured, lack the latest security patches and will often use domestic rather than the latest enterprise grade equipment. Access points are rarely in physically secure locations which makes it trivial for an attacker to compromise the device with malicious software. Public Wi-Fi networks are rarely monitored for threats or suspicious activity. Free Wi-Fi provided in public outlets is an ‘add-on’ service, run by people whose main objective is to have a sign saying ‘free Wi-Fi’ to draw business and but with little concern about the security of your data!
Rogue or fake access points are another source of attacks to your data when you are browsing online. It is easy to quickly setup a laptop as an access point in a hotel lobby and then ‘entice’ devices to connect. Once traffic is captured in this way there are multiple techniques for stealing data, even data that is encrypted.
What can you do to mitigate risk for your organisation?
Three easy steps to make your company and staff’s data more secure:
Make sure all corporate apps use encrypted communications. A hastily launched or upgraded app developed internally or by a third party on behalf of your company may not use encryption at all times. You can use a product like Corrata to monitor unencrypted communications from wireless devices. This will help to identify potential security issues.
Use cellular data whenever possible for work related communications. The big advantage of cellular radio networks over Wi-Fi is that all traffic over the radio interface is encrypted. In addition, it is very difficult to fool a device into connecting to rogue infrastructure. While in the past roaming data cost and network speed would have been a concern, however, this is less of an issue now as costs have fallen and 3G or 4G is readily available. Typically business use is relatively low bandwidth, particularly when compared to nonbusiness use like video streaming for social media and entertainment apps.3. Alert users to the distinction between trusted and untrusted wireless networks.
Use trusted networks. This includes the corporate WLAN, the cellular network and, generally, staff’s home Wi-Fi. Everything else should be considered as untrusted and not suitable for business use. Employees need to be aware that their privacy and security, and that of their employer, are compromised when they use these networks outside the safe zone.
Encryption remains the bedrock of keeping your data secure but the second line of defense is using networks whose integrity you can rely on.
If you would like to have your company featured in the Irish Tech News Business Showcase, get in contact with us at Simon@IrishTechNews.ie or on Twitter: @SimonCocking
Ireland’s transition to electrified mobility continues to strengthen, with two in five Irish consumers (40%)…
South East Technological University’s (SETU) sixth annual Women in Technology event will bring together role…
By David Stephen who looks at the idea of Digital Insurance and how it could…
Irish small and medium-sized enterprises (SMEs) are increasingly aware of the growing risk posed by…
The Spider Awards, Ireland’s longest-running and most prestigious digital awards ceremony, is proud to announce…
National Broadband Ireland (NBI), the company responsible for delivering the Government’s National Broadband Plan (NBP),…
Irish Tech News are Ireland’s No. 1 Online Tech Publication and often Ireland’s No.1 Tech Podcast too.
You can find hundreds of fantastic previous episodes and subscribe using whatever platform you like via our Anchor.fm page here: https://anchor.fm/irish-tech-news
If you’d like to be featured in an upcoming Podcast email us at Simon@IrishTechNews.ie now to discuss.
Irish Tech News have a range of services available to help promote your business. Why not drop us a line at Info@IrishTechNews.ie now to find out more about how we can help you reach our audience.
You can also find and follow us on Twitter, LinkedIn, Facebook, Instagram, TikTok and Snapchat.