Subscribe
Search
Close this search box.

Corporates must beware of risks lurking behind public Wi-Fi

  • Venky Sundar - Indusface
Experts at the cloud based application security company Indusface, have detailed the risks behind open access public Wi-Fi, as well as ways to mitigate these.

Reports suggest that 87% of UK businesses have adapted to hybrid working, with 44% of UK workers currently working remotely in 2023. With the flexibility of remote work enabling UK employees to work from public workspaces or coffee shops, as an employer, how can you ensure those working for you are doing so securely whilst connected to public Wi-Fi?

Here are the worst places businesses can connect to public Wi-Fi, detailing the cyber security risks and red flags to look out for. 

Venky Sundar, founder and president of Indusface, also comments on the risks to businesses and their employees, as well as detailing ways to stay safe from cyber attacks. 

The worst places to connect to public Wi-Fi:

Restaurants/Coffee shops
Large restaurants and coffee shops see numerous customers pass through their doors daily, all of whom have access to the public Wi-Fi that the venue offers. This open access can leave users vulnerable to hackers who are able to exploit the lack of security in the Wi-Fi network and utilise this to access user data, otherwise known as a MITM (Man in the Middle) attack.

From this, hackers can access information on websites that users visit, browsing activity, and more personal information such as passwords and financial transactions. This can leave user logins and other personal data vulnerable to being stolen by a hacker. 

Hotels
Hotel Wi-FI can prove useful to your employees whether they are on a business trip or catching up on uncompleted work, however, hotel Wi-Fi often provides full public access, meaning anyone can access and monitor it.

Router hacking is just one of the ways hackers can take advantage of open access hotel Wi-Fi. This involves hackers or cybercriminals gaining control of a router in order to take advantage of its vulnerabilities, resulting in access to personal and sensitive information.

This can be a threat to anyone who is on the hotel’s Wi-Fi as their personal cyber information can become available to hackers using this method.

Public Transport
Despite many employees working in a remote or hybrid capacity, certain roles will still require travel to and from work meetings from time to time, and Wi-Fi on public transport such as trains can be useful if employees have work to complete before getting to their destination. Nevertheless, its safety and security can be easily compromised by hackers due to its open access, making it a frequent target for attack.

As such, utilising Wi-Fi on trains for completing work whilst commuting can leave many employees susceptible to hackers who could gain access to important business data, financial data, or even private and personal information such as logins.

One way hackers may exploit data via transport Wi-Fi is through Malware attacks. This entails cybercriminals interfering with a device in order to gain access to its information. This is common on unsecure networks, as hackers can easily access devices when connected to the same Wi-Fi as their victims.

Airports
If on a business trip, you should make your employees aware that they should be vigilant when using airport Wi-Fi, as airports are hotspots for cybercriminals looking to target personal information such as passwords, financial data, or business data.

If you or members of your workforce are travelling for business, you should be particularly cautious of business email compromise (BEC). This involves hackers attempting to access email accounts to carry out fraud, such as transferring funds. 

Another method cybercriminals may try is identity theft or compromising accounts. Hackers can intercept data sent over an unsecure network, therefore, any information that you input – such as passwords, could be used to break into your online accounts such as business accounts or even steal your identity via compromised passport information.

Venky Sundar, founder and president of Indusface comments on the above Wi-Fi dangers and provides tips on how to stay safe from cybercriminals: 

Public Wi-Fi is more vulnerable to attacks. If your employees use public Wi-Fi networks, the chances of getting a malware infection is high. While the best protection is to not use these Wi-Fi networks at all, you can never be sure about how your remote employees will comply with these guidelines. 

“To minimise damage, I see two angles 1) endpoint security and 2) application security. In endpoint security it is all about using a good antivirus software and keep pushing automatic updates to it. 

“Application security is the second layer of defence, let’s say that the endpoint or your employee’s computer does get compromised, so the chance of malware infecting your company infrastructure is high. This is where putting your applications behind a WAAP becomes critical. That way, even in case of a compromise, the WAAP blocks attacks and protects the infrastructure and applications.”

Additional steps businesses and employees can take to help protect against cyber attacks
It is vital not only for employees, but for businesses, to ensure that they are adequately protected when using public Wi-Fi. There are numerous methods you can use to do so.

  • Turn off the auto-connect Wi-Fi setting, as this can automatically connect you to open access public networks nearby that may not be secure, and can leave you vulnerable to attack.
  • Utilise a VPN (Virtual Private Network), as this can help ensure your data isn’t visible to hackers as it goes through the network you are on. If it becomes visible, hackers can breach your digital privacy and gain access to your private company or personal data.
  • Ensure you have anti-virus software installed on your device. This can help protect you whilst using public Wi-Fi, as it has the ability to detect malware that may find its way into your system whilst using the public network. The software will issue an alert to you if any viruses are on your device, if there is any suspicious activity, or attack.
  • Perform gray box DAST scans on all your web and mobile applications so that you know the exact risk when the admin or user credentials get compromised. Once you understand the risks, mitigate them on code.
  • Implement a Web application and API Protection(WAAP) solution so that when your employee’s endpoint gets compromised, the attacks that originate out of that compromised endpoint get blocked at the WAAP. 

Guidance provided by Indusface

    Receive more HR related news and content with our Free Newsletter

    Read more

    Why are so many company leaders unprepared for change?

    Is there a clash between older and younger generations?

    Employers have legal and moral imperative to support neurodivergent staff

    Latest News

    Read More

    How AI will change HR management

    29 April 2024

    Read More

    Employee Engagement

    29 April 2024

    How to avoid employee disengagement in the age of AI

    Dive into the transformative role of AI in HR practices from streamlining routine tasks to shaping employee experiences...

    Read More

    Employer Branding & Communication

    28 April 2024

    Job descriptions don’t attract candidates – companies do

    Discover how to stand out in the competitive talent acquisition landscape by harnessing the power of social media for employer branding...

    Newsletter

    Receive the latest HR news and strategic content

    Please note, as per the GDPR Legislation, we need to ensure you are ‘Opted In’ to receive updates from ‘theHRDIRECTOR’. We will NEVER sell, rent, share or give away your data to third parties. We only use it to send information about our products and updates within the HR space To see our Privacy Policy – click here

    Clear signs of gender pay gap progress

    More over 55s are accessing their pensions or cashing out completely.

    Early retirement emerges as top financial goal for employees

    Reimagining Employee Incentives: Key Strategies for Motivation and Retention

    Half of employees unaware of what their pension is invested in

    Latest HR Jobs

    HR Director UK&I – Michelle Simpson HR Recruitment Ltd – Newcastle upon Tyne

    The post holder will lead coach and steer the UK amp I People team allowing the delivery of a high class HR service to support

    Head of HR- Offshore – Aramark UK – Aberdeen

    This is a permanent and full time position which will be based in our Aberdeen HQ AB21 0BH Generous annual leave that increases in line

    Software Development Director – Award-Winning HR-Tech SaaS – 18646 – RecruitmentRevolution.com – Leeds

    Software Development Director Exec Team Seat Remote Working with Ellesmere Port Office Based Minimum 1 Day Per Week + Contribution towards membership fees £120 000

    HR Assistant

    Moulton CollegeSalary From £22 308 pa 8211 Band 5 £23 031 00 8211 £24 123 00 pa 8211 Band 6 dependent on experience

    PUBLISHER

    Peter Banks

    Founder & CEO

    EDITOR

    Jason Spiller

    DIGITAL MARKETING

    Beenu Weerawardena

    Hady Elsayed

    SUBSCRIPTIONS

    Sonja Grimes

    ADVERTISING

    Chris Cope

    ADVERTISING SALES

    Publication and Online

    01454 292063   advertise@thehrdirector.com

    RECRUITMENT

    01454 292 069     recruit@thehrdirector.com

    CUSTOMER SERVICE

    01454 292 060
    info@thehrdirector.com

    SUBSCRIBER SERVICE

    +441454292060
    subs@thehrdirector.com

    Read the latest digital issue of theHRDIRECTOR for FREE

    Read Online For Free

    Read the latest digital issue of theHRDIRECTOR for FREE

    Read Online For Free