Safer Surfing – of the Internet
Internet access is a nearly ubiquitous expectation for travelers. All of the 20 busiest airports in the United States provides at least some free WiFi access. Four out of five travelers say that WiFi is a particularly important hotel service. (And no other hotel amenity was mentioned by even half of travelers). But as the prevalence and use of wireless Internet access by travelers has grown, so has the risk involved in using it. More WiFi users making more use of the service make public WiFi an ever more attractive target. Here are a few simple steps you can take to ensure a safer surfing experience when using public WiFi networks.
Step One: Make sure you're connecting to the right network
Make sure that you’re connected to the correct WiFi network BEFORE you start surfing. This is the simplest and easiest way for a malicious actor to get access to your information. They set up a connection point with a generic name, like “Free Airport WiFi.” When you connect to it, you hand your information to them on the way to its intended destination. Look for a sign that states the name of the network the facility provides. If you don’t see a sign, ask a customer service representative.
Step Two: Limit Your Use of Sites that Store Private Information
If you don’t NEED to visit your bank or credit card account from a device that’s connected to public WiFi, don’t visit them. Most (though not all) public WiFi network hacks rely on passively collecting the information. If you don’t send private information across the network, it can’t be stolen passively. Keep your surfing to entertainment content, and you limit the value of what a hacker might be able to steal.
It’s not just bank and credit card sites that can provide hackers with valuable personal information. Sites that might risk exposing either payment data or personal data that could open other doors for hackers include: shopping sites like Amazon, social media sites like Facebook, and even web-based Email accounts.
Step Three: Use a Password Manager
If you must visit sites that include particularly valuable personal information, use a password manager. (I’m personally a fan of LastPass on the PC side, and 1Password for Macs). A password manager keeps you from having to type in passwords. The password manager fills in the password for you. This prevents key-logging from capturing passwords as you enter them.
Step Four: Use a Virtual Private Network (VPN)
A Virtual Private Network, or VPN, establishes a secure point-to-point connection between your computer and a destination computer, with the security of that connection “brokered” by a known secure third-party provider. Used properly, even if you’re connected to the Internet via rogue WiFi network, the pirate network won’t be able to decrypt the data sent across the VPN. The New York Times’ Wirecutter did an extensive review of VPN services that is a good reference for choosing a service.
Step Five: Use Your Own Hotspot
Probably the best way to avoid the hazard of public WiFi hotspots is not to use them. Most cell phones and providers can be used as a hotspot. Just be aware that many cell phone data plans have use limits. And beware of expensive international data roaming. If you’re using your cell phone to provide your own Internet access, you should still keep some basic security considerations in mind:
- Change the name your phone uses to identify itself, especially if you have a common first name. On iPhones, for example, your phone’s WiFi network defaults to “FirstName’s iPhone.” If there are several people around you with the same first name and phone, there’s no easy way to tell which is the right one. Change your device’s name to something unique. (As of this writing, on an iPhone you can do this by going to Settings | General | About | Name).
- Set a strong password for your device’s WiFi network password.
- Connect your computer to the internet through your device hotspot at home, and have your computer “remember” the network, so that you don’t have to retype the password in public.
- Check to make sure that the device you are using as an Internet hotspot is NOT connected to a public WiFi network. (If you’ve connected to a public network using that device in the past, you may need to tell your device to “forget” the network to avoid automatically connecting).
We can’t guarantee that following these steps will provide 100% protection of your private information. However, they will make you a MUCH less attractive target for would-be hackers. The most common way for hackers to get access to your information is NOT high-tech interception. Social engineering causes most data breeches. Don’t give your personally identifying information to an incoming telephone caller. Don’t access password protected sites via links in unsolicited Email. And when in doubt about the validity of a link, visit the site directly by typing the address into a new browser window yourself.