Thursday, October 15, 2015

Stay Secure on Public WiFi

With data plans becoming more expensive and less optimal, it has become critical to use WiFi to avoid high phone bills and to provide a better experience with streaming media, uploading, downloading, etc.. Most people know this already so when there is free WiFi available they connect without hesitation. Coffee shops are the most common but now they are popping up everywhere including libraries, airports, retail stores, and so on. These networks are insecure and you really should not be using them until the security improves. But since I know you are going to anyway, here are some tips for improving your security while using these open WiFi networks.

Use a VPN

A VPN (Virtual Private Network) creates a secure tunnel between your device and the VPN provider. Any traffic going in or out of your device (Internet, Outlook, RDP, etc.) will be forced through the tunnel (which is encrypted and secure). There are many good VPN providers but the key is finding one you can trust. They are typically a subscription service that can range anywhere from $3/month to $20/month but its well worth the money. Additionally, most of them have their own mobile app for Android and iPhone which is pretty awesome. Using a VPN is the best thing you can do to improve your security on open WiFi networks.

Disable Network Discovery & Sharing (Windows Users)

When you first connect to the open WiFi, if you haven't connected there before you will be prompted by Windows to select the type of network you are connecting to: Home, Work, or Public. The option you choose is important because this setting determines the level of trust on the network. For example, selecting the Home Network option tells Windows that you are on a private and secure network and to trust the other computers on the network. Windows will attempt to find other computers on the network and will also advertise your computer on the network. Always select Public Network when using open WiFi networks. This automatically disables network discovery and sharing.

Uncheck "Connect Automatically"

When you connect to a WiFi network for the first time, the box "Connect Automatically" is checked by default. This is because most people don't want to re-type the password each time they connect to that WiFi network. So what if someone spoofs the network and your device automatically connects to them? Everything will seem normal except the attacker is sniffing all your passwords and spying on you. You want to ensure your device is connecting to the correct WiFi network so uncheck this box and deal with typing in the password each time. In Mac OS X it is called "Remember networks this computer has joined".


Mac (AirPort Settings):

Avoid Sensitive Websites

Avoid accessing sensitive websites such as financial sites, work sites, etc. Even if you are using a VPN or connecting to a site that is using HTTPS, it doesn't mean you are 100% secure. So why risk it? Do you really need to check your bank accounts while having a cup of coffee at Starbucks? It can wait, avoid sensitive sites.

Use "HTTPS Everywhere"

HTTPS Everywhere is a Chrome and FireFox add-on that forces encryption between you and several major websites. This is a fantastic add-on but you shouldn't rely on it entirely for your browsing security. Use this in conjunction with a VPN.

In conclusion, my best recommendation is to avoid these "free" and open WiFi networks altogether but if you absolutely need to connect then follow the recommendations in the post. It will greatly improve your security but remember, there is no such thing as being 100% secure.