Table 5.
Tactics for secure use of Wi-Fi hotspots
| ● Make sure all mobile devices have antivirus, anti-malware and a personal firewall all installed and updated. |
| Install a privacy screen to avoid “shoulder surfing” where an attacker might “look over your shoulder” to gather info or passwords as you type |
| ● Make sure that the connection and session is encrypted. At a minimum, ensure that https is present in a web address before accessing a secure site (i.e., webmail, social media, or any site that requires a login). Make sure that this connection stays encrypted for the entire online session. Some websites encrypt the log-in and then return the user to an unsecured, vulnerable session. |
| ● Do not use unsecure, unencrypted methods to transfer data, like FTP to upload data. |
| ● Don’t let the mobile device automatically connect to an open WiFi source. Many devices can be set to notify you when an open network is available and have you determine whether to connect. Don’t connect to an “open” network, even the one at Starbucks, if you are working on a project and have no other means of encrypting the connection (like VPN). |
| ● Use a virtual private network (VPN) to protect your data. A VPN adds a layer of encryption and security that is valuable when using any unknown or open connection. |
| ● Limit exposure when using a hotspot by using a personal or a business-issued mobile hot spot configured securely. Many smartphones and tablets have hotspot capability built-in. |