Stand in any public space and you’ll find that you can ‘see’ many WiFi networks. Look closer and you’ll see that many of them are publicly accessible – just log in with an email address or your Facebook account, and you’re ready to go.
WiFi is good business – and bad
For many shops and cafés, providing free WiFi is great for business. Shoppers actively choose those establishments that provide them with free WiFi.
And for mobile sales teams, of those who just cannot make it into the office, the local coffee shop makes for a quite convenient secondary workspace. But all is not as it seems – public WiFi hotspots also present a huge risk to your corporate security.
Opportunistic criminals have begun deploying “fake” access points in public places that carefully analyse traffic passing through. This then allows them to capture sensitive data including passwords, credit card details and even sensitive intellectual property.
A genuine threat to your business
The risks presented by “free” WiFi networks is so severe that 62% of global organisations now forbid their employees from using free WiFi. A further 20% of businesses plan to introduce similar bans in the very near future.
Here in the UK though, businesses do not appear to be taking the issue anywhere near as seriously – just 47% have a ban in place. And it would seem that ignorance plays a large part in their decision.
In the UK, employees are identified as the number one threat to security by 64% of IT decision makers. In the US, insecure WiFi hotspots take first place. And although users are a significant threat, that risk is intensified when they connect to corporate resources using weak WiFi.
Using free WiFi safely
Obviously, the safest option is to ban employees from using free WiFi to access corporate resources. But your mobile workers do need to be connected – so how can they do so safely?
1. Implement VPN connectivity
If data passing between the user’s mobile device and your company systems is encrypted, it becomes almost impossible for hackers to decode. Using a virtual private network – VPN – all data passing between laptop and server is securely encrypted.
A VPN should be a standard requirement for any device connecting to company resources – even over “secure” WiFi networks.
2. Train your staff
Fake WiFi networks trick people in the same way as scam emails do – they look just about right. If you’re sitting in Costa Coffee and there’s an unsecured available network named “Costa_Coffee” open, it looks like it might be the official in-store WiFi network. But can you be sure?
Your mobile staff need the training to help them identify what is, and is not, normal. And if they’re not sure, they must not connect.
As Cloud-based solutions like Google Apps for Work take over from traditional IT systems, WiFi connectivity is vital. And so it is that your business needs to take a long hard look at WiFi network security and how your employees access corporate resources, or you could end up in serious trouble.
Obviously, this all sounds a bit complicated – so get in contact to discuss improving data security for your remote workers.