Untitled Document

Security Tips

Tip #1

Beware the “Evil Twin”. An “Evil Twin” is a hacker operated Wi-Fi hotspot designed to trick users into believing it is a legitimate public Wi-Fi hotspot by mimicking the legitimate public Wi-Fi hotspot’s network name and login page (if applicable). Once the user has connected to the “rogue” Wi-Fi hotspot, the hacker may even go as far as mimicking login pages for popular email and banking sites thereby stealing the user’s most valued login credentials. A standard protection against this type of attack is to only use public Wi-Fi hotspots that provide an SSL-encrypted login connection (such as a "Powered by 82nd Street Wireless hotspot") which has been certified as legitimate by a trusted third party such as Thawte or Verisign. If the login page’s URL begins with “https” versus “http” and you see a “lock” icon in the lower right hand corner of your web browser, it is SSL-encrypted. You can view the SSL certificate from your web browser by clicking File > Properties > Certificates

Tip #2

Use a VPN (Virtual Private Network) so that your wireless data is encrypted as it travels between your wireless device and the Wi-Fi hotspot's wireless access point. Wireless security standards that use secret network keys such as WEP and WPA are useless at public Wi-Fi hotspots as one user’s network key can be used by a hacker to decrypt the entire network’s traffic. As such, virtually all public Wi-Fi hotspots disable WEP and WPA to provide a hassle free login for users. What this means is that your data is not encrypted as it travels through the air and can be read by a hacker using standard command line utilities found in certain operating systems.

If your company does not provide you with a VPN, look into consumer VPN solutions like JiWire's Hotspot Helper which runs about $24.95 per year. If you're not using a VPN, act as if someone is looking over your shoulder because a hacker might be. Also, if you intend to perform financial transactions, ensure that you are doing so over an SSL-encrypted connection only.

Tip #3

Your best practice to to configure your wireless networks settings as follows:

Turn your firewall on: Start > Settings > Network Connections > Wireless Network Connection > Change Advanced Settings > Advanced Tab > Windows Firewall Settings > Select “On” > OK

Disable file sharing: Start > Settings > Network Connections > Wireless Network Connection > Change Advanced Settings > Uncheck “File and Printer Sharing” > OK

Turn ad-hoc mode off: Start > Settings > Network Connections > Wireless Network Connection > Change Advanced Settings > Wireless Networks Tab > Select Network > Properties > Uncheck “This is a computer-to-computer (ad-hoc) network” > OK

Tip #4

Keep both your operating system and anti-virus software current with the latest updates. Operating system security vulnerabilities are being exposed almost as frequently as new viruses are being unleashed on the Internet. Fortunately, the major brands in both product categories offer an automatic update feature which makes receiving the required updates effortless. By employing these four security tips, your data will stay out of the wrong hands while you continue to enjoy the benefits of public Wi-Fi.