~ By Brad Egeland
You've probably seen news stations plastering the airwaves with stories of cyber-attacks. TV dramas tell harrowing tales of hackers lurking in the shadows. Now, I'm not saying I believe everything I see on TV. But this one is true. Anytime you log in to an open WiFi (like, say, at Starbucks), you leave yourself vulnerable.
Here in Las Vegas, our Starbucks has a WiFi network set up by Google. It's always, or almost always, called "Google Starbucks." If someone wants to hack you - or anyone else (or everyone else) at that location - all they need to do is set up their own hotspot or evil twin router.
They can name it anything they want, so they name it "Google Starbucks" and figure out how to take down the "real" Google Starbucks network on location.
Now you're using their router. They're accessing all of your data, passwords and information for all connected devices - which is probably your laptop or tablet AND your phone if you have WiFi enabled on it. Surprise!
So what about our projects?
Maybe you work remotely and take your work to a public WiFi access area. Maybe you just happen to be doing some weekend work. Maybe you're just doing some work while you're out between clients and away from the office - like millions of workers do every single day. What then?
Well, if you're doing any of those things, you're unintentionally potentially compromising the data on any and all devices accessing that innocent public WiFi network. That includes every project you are keeping information about on those devices.
You think you're doing work on the go and being ultra productive…and you are…but you also may be creating issues for your project clients, for your organisation and, of course, for your own personal identity.
And if you're with a government agency and/or have high risk financial or identity information on that device, you're potentially compromising lots of sensitive data that could be worth millions to the right individual if it falls into the wrong hands.
So what do you do?
Here are my three key suggestions - follow one or all to make yourself and your project and personal information safer:
Turn off any drive sharing. This should be an obvious one, but people share drives and their entire device from time to time and forget to go back in and turn that sharing off. Check it weekly or any time before you access a public WiFi hotspot. Make sure nothing has changed in your sharing settings that could compromise your device, data, and projects in this way.
If you want to work or play at a public access network, then have two laptops. Only take the generic one with you to access such a network. Leave the one full of data at home. You can still do work. You can still email. You can still surf - but you've left 99% of the information that anyone would ever want at home…tucked safely away.
This is the safest, yet least logical route because everyone likes a latte, right? I go to Starbucks at least once a week to work for a few hours. I'm not working on any highly sensitive projects at the moment, but I certainly have in the past and likely will in the future. However, the safest route is to stay off such networks. If you simply cannot, then follow the advice above.
I'm not trying to make anyone overly paranoid. Just be cautious. Be aware. Cyber malpractice can affect truly anyone and everyone. And it can happen to you. Even over a latte. Black hat hackers are real…I see them all the time. Most don't care about you, but some care about your data. You could also just be a random target. It just depends on how important you are or how important your project and data is.
What about you, our readers? What steps do you take to protect sensitive project information on public WiFi networks? Did I miss anything? Let me know in the comments!