It is important to be vigilant when connecting to networks in public, so we’re sharing a few helpful tips on how to keep yourself secure whilst out and about. This blog is a companion piece to a recent Kivu Coffee Break video, which you can watch here.
With a rise in the number of people working from home comes a rise in the use of public and private, non-corporate wireless networks. But how can you guarantee that you stay safe and secure online when out in public?
An effective tool for controlling your online presence and visibility, whether at home or in public, is to use a VPN (Virtual Private Network). While utilizing a VPN, your internet traffic is encrypted and your online activity is completely hidden, protecting you from malicious actors. If you would like to learn more about VPNs, check out our previous blog post on the topic.
No VPN? No worries – here are four simple steps to help you stay cyber-safe.
Step 1: Choose Caution Over Convenience
The first step to reducing your visibility in a public space is to make sure your device is not already broadcasting its presence.
- Turn off automatic WiFi connection capabilities. While this is a convenient feature and most public WiFis are trustworthy, you do not want to risk automatically connecting to untrustworthy ones
- Turn off all other automatic connections or features that broadcast your device information
- Take the time to manually verify and then connect to a network
A few devices have built in alerts to notify you when you may be connected to an untrustworthy network. For example, Android has a “Network May Be Monitored by a Third Party” warning and Apple has “Untrustworthy Security Certificate”. But you should not just rely on these types of notifications and assume you are on a secure connection when you do not receive one.
All automatic connections should be turned off in general. For example, if you are an Apple user, make sure to set your Apple Airdrop to contacts-only mode. If you don’t, your presence and the name of your device (possibly your real name as well) will automatically pop up on anyone’s phone in the vicinity. They could track down further information if you also happen to be in an unsecured network, or they can simply send you photos, documents or other information that you do not want to see.
Another automatic connection that most people forget is Bluetooth. While it is yet another convenient feature, it could link your devices to networks you ordinarily would not use, and provide opportunities for malicious connections to your devices. Keep these settings turned off, especially when you’re traveling to unfamiliar places.
Step 2: Verify
The next step is to verify the public network to which you are connecting. One way to do this is to make sure it is the certified network of the establishment you are visiting. For example, by simply asking an employee directly for the name of the network. Do not let yourself be taken in by a fake network that looks similar but might be slightly misspelled, uses a number to replace a letter, or has a sequence of numbers appended. Get the information straight from the source so you can have peace of mind in your secure connection.
The same goes for the login of a public network – verify before you use. But, if it still seems suspicious to you, here’s a trick: to test a login’s validity, throw incorrect passwords at it. If you are still able to gain access with false credentials, then the network is not actually secure.
Step 3: Limit What You Share
Just having a secure WiFi will not guarantee complete invisibility on a public network. An unsecured network can broadcast your personal information to anyone, thereby negating all the great verification work you did. To check the safety of a website double check the URL. If it starts with https:// and has a little padlock symbol, you know it is secure. HTTPS, or Hypertext Transfer Protocol Secure, uses Transport Layer Security (TLS)/Secure Sockets Layer (SSL) to encrypt HTTP requests and responses. Any information you exchange over that site will be safe.
Even when using HTTPS, keep in mind that devices on the same network can see each other. There are ways for attackers to take advantage of that visibility. So, even if you are on a secure public network, it is still in fact public. Best practice is to refrain from accessing any kind of sensitive personal data whilst out in public, such as your bank accounts.
Step 4: Out Of Sight, Out Of Mind
Finally, after you have finished connecting to a public WiFi, go into your settings and select “Forget Network”. Leaving your device connected to a public WiFi is like leaving your front door unlocked when you head to work for the day: an easy way in for thieves. Take the extra couple of seconds to manually leave the network and you can have that little bit of extra peace of mind.
If you follow these steps and use your best judgment, you will reduce your visibility – and vulnerability – in public places. But if you are ever at a loss for how to proceed safely, simply stop, think, and then connect.