Technology has allowed the number of remote workers to increase dramatically over the past few years. As a result of the pandemic, those numbers grew dramatically. With most relying on the Internet for data access and transmission, businesses must find ways to maintain cyber security for remote workers.
Remote workers can often work anywhere. While many choose to work from home, working off-site means they can—and often do—work from other places, such as coffee shops, airports, or other public venues. To the extent they rely on public Wi-Fi for Internet access, both the worker and your business could be at risk unless you’ve incorporated adequate safety measures.
What Cyber Security for Remote Workers Entails
Cyber security requires constant vigilance and proactive planning. That doesn’t change when workers are no longer on-site. If anything, the need to ensure security increases when employees go mobile.
Maintaining cyber security starts with educating employees and management on the risks associated with using public Wi-Fi for remote workers and your business’s cyber security policy. In addition, appropriate tools and technologies should be used to manage cyber security for remote workers. Below is an overview of these necessary steps.
Understanding the Risks of Using Public Wi-Fi
In an office, computers are usually connected to the local area network or the Internet via a cable connected to the device. Working away from the office, remote workers must find another way to make those connections. Whether working from home or from the local coffee shop, they may use a Wi-Fi connection for network and Internet access.
Wi-Fi (sometimes referred to as wifi) is a technology that uses radio signals to allow devices to connect to the Internet wirelessly. Many home Wi-Fi networks are password-protected and, ideally, that password is shared only with trusted individuals. But when a worker uses public Wi-Fi, there is often no password protection.
Many businesses, libraries, and public buildings provide Wi-Fi hotspots, a defined area within and possibly around the building that allows wireless Internet access through the provider’s account. Access is often free, but you get what you pay for. Whether these types of Wi-Fi hotspots require a password or not, anyone connected to the network who has minimal tech savvy can “eavesdrop” on the data other users are sending and receiving.
Risks to Cyber Security for Remote Workers Using Public Wi-Fi
Accessing the Internet and office networks using public Wi-Fi is no different from laying your passwords out on a desk for anyone passing by to read. The data you send—files, passwords, URLs to network sites—is easily accessible to anyone who wants to see it.
Because the data is transmitted wirelessly when someone uses a Wi-Fi hotspot, anyone else using that hotspot may reach out and grab the data. Following are some common ways this is done:
- Evil Twin/Fake Wi-Fi Hotspots: With some tech savvy, someone can set up a fake access point that purports to be the Wi-Fi hotspot. Users who are not careful in selecting the Wi-Fi hotspot may inadvertently connect to the fake one, essentially giving all data transmitted and received to its owner.
- Man in the Middle (MitM) Attacks: A third party can make a connection between two parties communicating via Wi-Fi, acting as a middleman who relays the communications between them. Although this is done wirelessly, this is considered a form of wiretapping.
- Packet Sniffing and Sidejacking: Data is sent through the Internet in small bits or packets of information. Packet sniffing captures this data during transmission over public Wi-Fi and then uses other, often free technology to analyze it later. Sidejacking is the same as packet sniffing, but the analysis takes place at the time of capture.
Any user with minimal effort and research could employ these and other nefarious methods to gain access to the data your workers send over an unencrypted Wi-Fi hotspot. Even if they can’t read your login credentials, they may be able to send a virus or other programming to your computer to gather that information and send it to them later.
How to Avoid Public Wi-Fi Security Risks
The first step in avoiding cyber security risks for remote workers is to educate those workers on the risks. A close second, every business should develop and implement a robust cyber security policy that includes discussion of security for remote Internet and network access.
All businesses should also require remote workers to take simple steps that can significantly reduce the risk of unauthorized access to transmissions over public Wi-Fi. Workers should consider the following when faced with connecting to public Wi-Fi:
- Be selective when using public Wi-Fi and careful to choose the correct hotspot. This includes making sure sites accessed are secure (begin with HTTPS).
- Disable file sharing on devices and be sure to log out of the hotspot when no longer using it.
- Consider tethering to a mobile phone in lieu of using a public Wi-Fi hotspot. Tethering often provides a faster connection than Wi-Fi anyway.
- Use a virtual private network (VPN), which can serve as a tunnel through which data is sent and received, preventing others from viewing or accessing those transmissions. By understanding how VPN works and choosing the right VPN service for your business, you can safeguard your systems and data.
- Consider purchasing a mobile hotspot like the Hotspot 2.0 by Cisco Meraki. A personal hotspot can be used for more than one device and can prevent the overuse of data from phone tethering while also helping to avoid the security risks associated with using public Wi-Fi.
Having a remote workforce is likely here to stay. With the right tools, businesses can ensure cyber security for remote workers, allowing workers the freedom to be productive anywhere.