Article Posted by Mark Weatherford, Director and Chief Information Security Officer, Office of Information Security
Wireless hotspots are changing the way people work by providing high-speed Internet connections in public locations and as the state begins to encourage more Teleworking and remote access to government networks, it’s important to remember your security ABC’s. Before you take your notebook to the local coffee shop or on a trip, spend some time with your agency or department ISO who can show you the ropes, starting with how you can avoid unsecured and bogus hotspots. Hotspots are an everyday connection method for travelers and remote workers to browse the Internet, check their email, and even work on their government networks while away from the office. Legitimate hotspots ones range from paid services to public, free connections. But they all have one thing in common—they are open networks that are vulnerable to security breaches. It’s up to you to protect the data on your computer and here are seven tips to make working in public locations safer.
- Do not assume that public hotspots are secure. Instead, assume that other people in cafes, hotels, libraries, airports and other public places can access any information you see or send over a public wireless network. Don’t work with sensitive information, such as credit card and bank account numbers, visit password-protected websites, or connect to your corporate network while you are connected to a public network.
- Do not connect to unsecured wireless networks. If you don’t need a password to connect, guess what, Mr. and Ms. Hacker don’t either. When you ask your computer to search for Wi-Fi networks, you will see a list of those that are available along with a note that tells you whether a network is secured or unsecured.
- Scrutinize that hotspot before you connect. It’s a simple thing for a hacker to mimic the name of a familiar hotspot and set a trap for you. For example, if you work for the California Office of Information Security and while you are at Starbucks, your computer asks if you want to connect to a network called “California Office of Information Security,” it’s a pretty safe bet that it’s a scam. Don’t connect to it.
- Do not allow automatic connections. Make sure that your computer settings do not allow automatic connections to hotspots. Chances are that there are several wireless networks anywhere you’re trying to connect. Always manually disable this feature on your computer and configure it to let you approve an access point before you connect.
- Use a software firewall. Personal firewall software should be installed and working on your computer. If you rely on a firewall that is pre-installed on the computer when you purchase it, be sure the firewall is turned on.
- Disable file and printer sharing. File and printer sharing are features that enable other computers on a network to access these resources on your computer. When you are using a public hotspot, it’s best to disable file and printer sharing. When enabled, they can make your computer vulnerable to hackers and besides, when you are in a public place you don’t really want to share your files wirelessly with others do you?
- Consider removing or encrypting sensitive information from your notebook. If you don’t need sensitive information on your computer before you go on the road, take it off. A better solution is to simply ensure that your hard drive is fully encrypting everything all the time.
For more information: http://www.microsoft.com/atwork/remotely/hotspots.aspx