What are the security risks of connecting to a public wi-fi network?

Date : 17/11/2014
Author : Forum Business Travel

FRANCISCO DE LA PEÑA, founder of N2S

Communications and information security is critical and threats to it are growing all the time. Usually, corporate networks protect us from multiple potential attacks, but when we travel and use public networks, who guarantees our security?

Today the traveler carries an average of 1.8 wi-fi devices (smartphone corporate, mobile personal, tablets, laptop, etc…) and these networks pose one of the greatest security risks due to their exposure to attacks.

In the near future, wi-fi networks will be catalogued based on their security but, for the moment, we almost never ask about security or configuration, we just connect and that's it.

The most common attacks are the “man in the middle”, where anyone with sufficient network knowledge is able to intercept a communication between one device and another.This means that we are exposed to information packets being examined at any time.

Most public wireless networks are open access, i.e. without any data encryption between the client and the access point.If data packets are intercepted at any time, they do not carry encrypted information, making it easier to learn the contents.

On the other hand, when we connect our device to a wi-fi network and depending on the configuration, this can offer visibility of it from another connected device. Numerous networks do not securely connect to clients. This type of connection supposes a security hole for our device and the information contained in them, since another equipment connected to the same network can connect with our equipment and extract the information that it contains.

It is unusual to assess the security of a public wi-fi network before connecting, although we know that in these networks we will always be exposed, but these risks can be reduced. We can follow some recommendations to reduce them, such as keep our operating systems in the últimas versions, the antivirus updated and keep our firewall activated.

In order to maintain a secure browsing, it is recommended to always use pages with SSL encryption (https) so that our passwords and data are protected. If we have the possibility, it is always advisable to use a VPN client. Finally, common sense will always be our best weapon to protect ourselves, since we must be aware that we do not know how secure a public network can be. Therefore, it is always recommended not to use personal data in browsing sessions (telephone numbers, credit cards, etc.).

To avoid this type of risk, companies that provide access to public networks are obliged to store session data (not browsing data) to identify who and when may be committing any type of cybercrime. The ideal solution is the dynamic management of the network by the establishment, with management platforms and certain layers of service that guarantee security.