Wireless Connectivity

The problem, however, is that many portable
computer users are completely clueless about the dangers of unprotected
WiFi connections. They think that they can surf the Net with the same
impunity as having a wired connection.

"WiFi use poses problems to both enterprise users and private
consumers for two reasons. One is the lack of security with public
hotspots. There is no encryption by default. The second is
accountability. WiFi presents many different ways to connect and needs
to be simplified," Dan Hoffman, senior systems engineer of Fiberlink
Communications, told TechNewsWorld.

Enterprise WiFi and private users are at increased risk of having
sensitive data stolen when they do not connect through VPNs (virtual
private networks) and when the laptops they use lack up-to-date
security patches. Computing in public area, even when not connected to
a WiFi hotspot, makes users vulnerable to security breaches as low-tech
as the prying eyes of people looking over their shoulders, Hoffman
added.

For example, one method hackers use to steal information from
WiFi-connected computers is sidejacking. Sidejackers gain site access
to computers that are on shared wireless connections at hotels, coffee
shops and other public WiFi locations. Once connected, the sidejacking
hacker can infiltrate e-mails, view confidential information and change
passwords without the consent or knowledge of the computer owner.

The growing popularity of WiFi connections to the Internet from
virtually anywhere - bus and train stations, airports and coffee
shops, for instance - drastically increases the chances of wireless
users finding their data stolen. It's a combination of more people
connecting and hacking techniques getting better, Hoffman explained.

With so many people connecting to the same wireless connection, a
robust software firewall is essential to protect the computer. Like its
hardware counterpart, a software firewall blocks unauthorized access to
a laptop from the Internet.

Perhaps the most often missed security measure is to turn off
file-sharing applications when accessing the Internet from a public
WiFi network. This is an easy security hole to fix. Windows users can
go to "My Computer" and "Windows Shared Documents." Then, right click
and go to "Security and Sharing" to turn this option off.

"A shared directory that isn't inside a firewall is an open invitation to a hacker," David Kent Jones, author of the e-book "Online Teen Dangers" noted in discussing WiFi risks with TechNewsWorld. "Online Teen Dangers"

Basic Security Tips

Fiberlink's Hoffman offered WiFi users a set of guidelines to follow to
ensure safe wireless connections to public hotspots. These security
tips provide even more experienced wireless users a way to better
secure data on laptops that are exposed to public WiFi connections.

1. Honor the Magic Number: Smart password combinations make the
   difference between secure and hacked wireless connections. For
   instance, there are 6,634,204,312,890,625 possible password
   combinations when using eight characters with the 95 keyboard character
   combinations. Change the user log-on often for wireless router access
   to make it difficult to guess. Use a combination of alphanumeric
   characters and other keyboard symbols. Keep the strong password safe by
   disabling or declining any password-saving features.
2. Know The Power of Three: Hackers use sophisticated
   blended threats based on a variety of tactics to defeat security. Know
   your equipment's security blind spots. For example, make sure your
   laptop is equipped with a blend of security tools. These include
   antispam, antispyware and a personal firewall. Miss any one of these means forfeiting your security.
3. Block Prying Eyes: Recognize that prying eyes are
   everywhere. Stop thieves from snooping by making sure your IT
   department helps you encrypt your e-mail. Prevent unauthorized access
   to your e-mail with SSL (Secure Sockets Layer) encryption of both login
   file transfer functions. Otherwise, hackers can read your e-mail as the
   data moves through cyberspace. To further secure connections to
   corporate servers and applications, use a VPN.
4. Recognize That Wired and Wireless Are Not Created Equal:
   A wired connection (digital subscriber line or even dial-up) is
   inherently more secure than wireless. With wireless connections, data
   typically is sent unencrypted through the air between the mobile device
   and an access point near your room, making it very easy for hackers to
   sniff the data passively from as far away as the parking lot. Defeat
   remote snooping by disabling the laptop's capability to automatically
   connect to signals.
5. Don't Trust Your Internet Service Provider: Using a
   wireless router at home does not make you any safer than connecting on
   the go. Use the same level of security at home as you do when connected
   to a public WiFi network. Especially important is password-protecting
   your home WiFi network.
6. Prepare for the Worst: Assume that sooner or later
   your laptop will be lost or stolen. Implement a password-protected
   screen lock. Do not store sensitive information such as usernames,
   passwords, Social Security numbers, bank account numbers or credit card
   numbers on the device. Companies should activate administrative
   device-wiping so that an IT administrator can remotely destroy data and
   applications on the mobile device in the instance that it is lost or
   stolen. Lastly, keep data backed up on a PC or server in case your
   mobile device is gone forever.

VPN for Anyone

Aware that more protection might make their services more attractive to
users, some service providers have taken steps to strengthen the
security of users on their networks. For instance, WiFi service
provider AnchorFree started out giving away free WiFi connections to
hotspots. Users watched brief advertisements to access a connection.
That led to the release of a free download of the company's HotSpotShield.

"We created it to protect our WiFi connections. It creates a VPN or
private tunnel between the laptop and the end point," James Chavez,
director of new business development for AnchorFree, told TechNewsWorld.

When the client application runs from the laptop's browser, it creates a tunnel that has never been cracked, Chavez said.
The company released the free product 18 months ago. In a recent week it was downloaded 316,000 times, he added.

How It Works

Once enabled, HotSpot Shield conceals the user's existence on the
Internet, according to Chavez. Originally, AnchorFree permitted
unlimited use; however, the company now restricts usage to 10 GB of
data per month to curtail excessive use that clogs bandwidth.

Users can bypass monthly usage restrictions by participating in various incentive programs.

In addition to allowing individuals to stay secure, AnchorFree gives
small businesses a solution that allows them to keep WiFi users on
their networks secure. Businesses can offer free wireless access
through AnchorFree and then direct their patrons to Hotspot Shield, a
value-added tool for greater protection and security while online at a
place of business, according to David Gorodyansky, cofounder and CEO of
AnchorFree.