Are public Wi-Fi networks putting your corporate data at risk?

Mar 06th, 2014 / Category: Enterprise Mobility

Mobility is on the rise in the corporate workplace. According to ITWeb, a recent survey of CIOs revealed that they believe the "next big thing" impacting their jobs will be mobile devices and policies. Portable gadgets offer employees more convenient ways to do work from anywhere, facilitating remote working, flexible schedules and productivity while traveling. The rise of bring-your-own-device (BYOD) policies is driven in part by the cost-saving potential of having workers use their own smartphones and tablets instead of buying corporate PCs. So what's the drawback? Security.

Mobility is great, but must be secure
BYOD makes maintaining network security complicated and difficult for IT teams, who risk losing control over the devices used and the flow of information within the network. It's harder to ensure that people are installing the appropriate anti-virus software and firewalls, and employees might be more likely to work with corporate data on consumer-grade applications that aren't protected by the same security measures as the enterprise network. Concerns over lost devices and greater risk of exposure to hackers indicate that companies need secure file sharing options all the more urgently as they embrace mobile opportunities.

Public Wi-Fi networks make it possible for employees to connect just about anywhere. This is great for productivity and flexibility, but can be detrimental to security if the right measures aren't put in place. Every day the stakes seem to rise as cybercriminals develop new ways to exploit vulnerabilities and access people's information. V3 recently reported that security researchers in London identified a way for viruses to spread like wildfire over Wi-Fi networks. It's as contagious as a common cold and nearly impossible to detect, the source added.

Guarding against Wi-Fi threats
In general, public Wi-Fi networks are an easy target for cybercriminals because they lack the safeguards that prevent hackers from tapping into secured networks. 

"The proliferation of public Wi-Fi is one of the biggest threats to consumer data," David Kennedy, founder of information security firm TrustedSec, told Forbes Magazine. "A hacker can monitor the network traffic of an entire store with an iPad-sized device hidden away in his backpack."

This issue becomes especially problematic for companies whose employees access sensitive corporate information on their devices using consumer-grade email or other services. For example, New Zealand Banking Ombudsman Deborah Battell warned consumers not to view sensitive information in emails over public Wi-Fi networks as this put them at risk for fraud, The New Zealand Herald reported.

To reduce the chance of exposure on public Wi-Fi networks, Forbes offered the following tips, which companies can share with their employees:

  1. Verify the network name to prevent connecting to a hacker's network instead.
  2. Look for https in the url bar when sending sensitive information on the Web to make sure it's encrypted.
  3. Use a VPN service to add a physical barrier between user activity and the Web.
  4. Keep software updated to ensure the latest protections are included.

In addition to these best practices, corporations should consider providing their employees with more secure mobile tools, such as managed file transfer services that allow employees to access company resources without pulling files out of the secure environment. This reduces the vulnerability associated with Wi-Fi networks by adding a solid layer of protection for transferring and managing documents. 

At a time when data breaches are on the rise and the incentives for cybercriminals to steal information are great, businesses need to ensure their valuable resources are protected. Mobility can be a great boon to productivity and collaboration, but it comes with increased chances of losing data: Employees can lose smartphones, thieves can steal USB drives, viruses can corrupt files and so on. To mitigate these threats without losing the benefits of mobile devices, companies need to implement secure, intuitive solutions.