Unsecured WiFi Network Access

When you have a mobile device, it’s tempting to connect anytime, anywhere using the nearest open Wi-Fi network rather than eat up your data plan. However, connecting through a public Wi-Fi network or hotspot can compromise your mobile security and put your information at risk.
Whether you are on your computer or your mobile device, it’s relatively easy for hackers to access the information you type and send over an unsecured Wi-Fi network, including your login and password information.
Even if you are not directly accessing a Wi-Fi network, some of your mobile applications such as Skype, Twitter and instant messaging apps may be using local hotspots without you realizing it. If the network is not secure, it’s possible for hackers to access the information you are transmitting, and even eavesdrop on your voice over Internet protocol (VoIP) conversations when you are using the Internet as your phone service.

Examples

Rogue Access Points. The most common, as well as most dangerous, wireless threat is the rogue access point. The rogue access point is typically a low cost, SOHO-class access point brought in by an employee who desires wireless access. The default access point settings typically have no security enabled, and thus when plugged into the corporate network create an entryway for anyone with a Wi-Fi client within range.

Mitigation

Educate users. Users need to be educated how to use WiFi with their mobile devices. There are some important tips that every company employee need to know:

  • Only do online banking and shopping using home or corporate secured network.
  • If possible make sure that you only connect to secure networks
  • Use strong passwords for all your online accounts and change them often.
  • Use VPN for accessing corporate resources.

Establish and enforce policies. Companies must develop acceptable use mobile device policies to prevent security issues. The above tips can be enforced to users with written policies and management tools.
Mobile Device Management. Main focus of the companies to prevent mobile device threats is to take control of the mobile devices and their applications. MDM is an important monitoring and enforcement tool.
Use Secure Connections. If the mobile device is connected to unsecured open WiFi, use secured connections to access corporate data, like VPN connection, SSL encryption for e-mail and HTTPS for web applications.