It’s not hard to find people glued to a screen in public – whether it’s working in an airport terminal before a flight or checking your email in line at the grocery store. We’re addicted to the convenience of using our devices in public (guilty as charged over here). But that convenience can come at a cost if you’re not careful. Here are a few common threats and how to keep your information safe:
It’s easy to find public Wi-Fi hotspots or a random unsecured hot spot allowing you to connect without authenticating. But these hotspots could easily could be rouge access point (an unauthorized wireless access point set up by a hacker, allowing them to access your information). If the attacker is advanced enough, they can force connect your device if it’s set up to automatically connect to wireless networks.
Let’s take rouge access points out of the picture for a moment. Just the simple use of public Wi-Fi can be dangerous. Publically accessible networks usually aren’t monitored or secured, meaning the guy sitting beside you could be sniffing your internet traffic with a simple tool running in the background (or storing it to look at later). Be careful of the websites you access as they may be spoofed and redirecting your login attempts to those sniffing tools. Every attempt you make with the wrong or right username/password combination may just send you back to a made-up/false error page.
Another common threat is called “Shoulder Surfing,” where the attacker watches over the shoulder of an oblivious user to see what keys they’re pressing. It’s easy to use a cell phone camera to snap photos of a credit card, or take videos of you logging into social media or bank account. Watch out for this in busy public places where you might not normally pay attention to your surroundings while you’re working – think busy airport terminals or coffee shops.
Some of the most common sense practices will make the biggest impact when it comes to staying safe. They may seem like an inconvenience now, but not nearly as inconvenient as dealing with a breach.
A strong password is your first line of defense against data capture. Do you use the same password for most of your sites? It’s easy for a cyber-criminal to try your captured Facebook login at your banking website. Check out this blog post for strong password best practices.
Enable encryption on your devices so it scrambles your data. This makes any data captured almost worthless to your attacker. Ensure that every webpage that you log into uses https:// instead of just http://. Even though adding that extra “s” on the end uses SSL encryption, it still does not guarantee safety over public hotspots.
You can also get encryption set up on your email, which protect your emails from being read by anyone other than your intended recipient. This is especially important if your job involves sensitive customer or patient data.
Several websites, like Paypal, Facebook, and Office 365, provide you with the option of two-factor authentication. Two-factor authentication combines something you know (your password) with something you have (your phone or a passkey dongle). If you don’t have both, you can’t log in. We use two factor authentication to secure our desktops, servers, and key applications. It can be annoying if you aren't used to it, but it’s an essential step to keep our customer data safe.
Try to make these simple steps a habit. Making security a part of your daily routine, along with being aware of your surroundings, will greatly reduce your chances of falling victim to an attack. If you’re interested in more information about ways to keep your company’s data safe (like setting up email encryption), please contact us.