Free Wi-Fi at the Cafe? Read this Before You Connect

Paul Mah

Fancy a utility that allows even novice users to hijack an active social-networking session with a click of the mouse? That's what Firesheep, an add-on for the Mozilla Firefox browser does. Of course, victims must first be connected to an open wireless network for this third-party software to do its trick, which I outlined in a blog post yesterday.


SMBs must understand, however, that Firesheep was created to bring attention to the fact that practically all free or public Wi-Fi Internet connections are not encrypted. As such, it is easy for it and similar applications to intercept and recover information that users assumed was private. So what can SMBs do to ensure that employees are not putting critical business information at risk?


Don't Use Public Wi-Fi Access Points at All


I know this might sound counterintuitive, but the best solution is simply to not use public Wi-Fi access points. The exception would be to only use public wireless access points via a VPN connection. (More on this later) You see, the wireless nature of Wi-Fi means that it is susceptible to brute-force cracking and other tricks that could let a hacker in. While it is true that some encryption schemes and configurations are not considered breakable, the ability to differentiate between them is beyond the technical ability of the typical employee. To make matters worse, it is also relatively easy for a determined intruder or hacker to physically tamper with a public Wi-Fi access point in order to snoop on it.


Ultimately, it does not pay to disregard the amount of sensitive data that gets transmitted over an insecure network. Even in the short span of time that it takes to quickly connect and check some movie times, browser plug-ins or other software could perform a software update, which could result in personally identifiable data being leaked inadvertently. That's not all. Applications such as your IM client could also attempt a login, or the e-mail client could check for new e-mails, too. Usernames and passwords information will be compromised if this software are not already configured to use encryption.


Use a VPN


The most secure method of accessing sensitive data while on the move is to use a VPN. A VPN server can be deployed by repurposing an existing server, purchasing new network equipment with support for this functionality or by simply acquiring a dedicated VPN appliance. A modern operating system such as Windows Vista or Windows 7 can be configured to establish an encrypted channel to most VPN equipment on your network with relative ease in most cases.


SMBs not willing to spend any money on infrastructure can also pay a VPN service provider for access to VPN gear. This works in cases where the number of employees who require VPN services is low or where the technical complexity of setting up and hosting a VPN server proves to be too high. In both cases, all Internet or network-bound traffic will be automatically funneled through the protected VPN connection, making it safe from snooping.


No Access to VPN? Some Alternatives


What if the use of VPN is not an option? Well, one reasonable alternative for a slightly more secure Internet connectivity would be to use a more "private" Internet connection such as a 3G or MiFi modem.


In addition, it is always a good idea to enable encryption in applications that support it. This could range from the use of FTP Secure (FTPS) when performing file-transfer operations or enabling SSL encryption when accessing e-mails via IMAP or POP. And, of course, to always access Web sites using HTTPS where supported.

Add Comment      Leave a comment on this blog post
Mar 15, 2011 10:58 AM Anelly Anelly  says:

I'm using ibVPN service and all my traffic is encrypted and i have access to any blocked websites. great solution

Aug 3, 2011 10:52 AM Novak Novak  says:

Experts predict that the VPN will continue to grown in popularity as businesses to save money on remote network access for employees. There is many reasons that predict great future for VPNs:

.     Works for PC on Windows /Linux/Mac OS

.     Works for mobile on Android/Windows/Mobile/iPhone/Blackberry/Symbian

.     High level of SSL encryption

.     Work over any type of Internet connections (Cable, DSL, dial up, Satellite, Wi-Fi, etc)

.     Eliminating the need for expensive long-distance leased lines

.     Reducing long-distance telephone charges

.     Offloading support costs

.     Minimum hardware requirements

.     Can provide you with dedicated IP address with which people protect their privacy and surf anonymous without provider logs

Aug 3, 2011 10:55 AM Maya Maya  says:

A VPN or Virtual Private Network is a private, secure, communication tunnel between two or more devices across a public network such Internet. One benefit derived from using a VPN is that the "tunnel" protects your data from being "overheard" as it passes over the public Internet. Another is that, when using a VPN connection, your computer "appears" on the campus network as if it were on campus.

These VPN devices can be either a computer running VPN software or a special device like a VPN enabled router and allows your home computer to be connected to your office network or can allow two home computers in different locations to connect to each over the Internet.

For security it uses features like encryption, encapsulation, authorization and tunnels. VPN have great secure level because encryption is very strong from 128bit-2048bit and that is the main reason why they becoming increasingly popular with their many benefits.

A VPN server is a piece of hardware or software that can acts as a gateway into a whole network or a single computer. It is generally always available and listening for VPN clients to connect to it. This enables any user to access a Private Network securely from anywhere in the world as long as an internet connection is available and the private network provides the user the access to its resources. VPN also allow employees to access information from remote locations, making collaboration possible even when employees are scattered around the globe which can significantly reduce costs of any company.


Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.