Accessing public Wi-Fi hotspots may be convenient for work catch-ups or checking email, but public Wi-Fi can present cybersecurity risks. In addition to Wi-Fi, other common wireless technologies, such as Bluetooth® and Near Field Communications (NFC), also pose risks if they are not properly configured.
You should advise your employees to avoid connecting to public Wi-Fi, when possible. Rather, use a corporate or personal Wi-Fi hotspot with strong authentication and encryption.
However, if your staff has to access public Wi-Fi and other wireless technologies, then here are tips (compliments of the National Security Agency and our Information Security and Managed IT experts at CM3) to help identify potentially vulnerable connections and steps to take to help secure your devices and data.
Note: While these best practices cannot ensure data and devices are fully protected, they do provide protective measures users can employ to improve their cybersecurity and reduce their risks.
If you would like additional information about securing your devices and data, please reach out to our Information Security and Managed IT experts.
10 Tips for Wireless Devices using Public Wi-Fi
- Keep your device updated with software patches and anti-virus software (if applicable).
- Only connect to secure public Wi-Fi. This is Wi-Fi that requires a password or other form of authentication.
- Use a personal or corporate-provided virtual private network (VPN) to encrypt the traffic.
- Only access websites that use Hypertext Transfer Protocol Secure (HTTPS).
- Disable Wi-Fi when not in use.
- Ensure the device is connecting to the right network.
- Do not set public Wi-Fi networks to be a “trusted network.”
- Avoid online shopping or financial transactions.
- Do not communicate passwords, personal data, or sensitive information.
- Do not click on unexpected links, attachments, or pop-ups.
5 Bluetooth Tips
Bluetooth technology transmits data wirelessly between devices within short distances. While convenient in private settings, enabled Bluetooth can pose a cybersecurity risk in a public setting. Malicious actors can scan for active Bluetooth signals, potentially giving them access to information about the targeted device. Other Bluetooth compromise techniques include Bluejacking, Bluesnarfing, Bluebugging, and Blueborne.
- Monitor Bluetooth connections by periodically checking what devices are currently connected to the device.
- Disable the Bluetooth feature when not being used.
- Do not leave the Bluetooth discovery mode activated.
- Use an allowlist/ denylist of applications that can use the device’s Bluetooth.
- Do not accept non-initiated pairing attempts.
2 NFC Tips
NFC offers the benefit of contactless payments and other close device-to-device data transfers. Due to physical range limitations, opportunities to exploit vulnerabilities may be limited. However, NSA advises:
- Be aware of security risks with the technology.
- Disable the function when it is not in use.
This is by no means a comprehensive list of steps your staff should be taking to secure your company’s information. The CM3 Information Security experts can conduct an assessment of your current cybersecurity position. And, the CM3 Managed IT team can help you put appropriate protections in place for your data and devices.