Cybersecurity Handbook
Chapter 4

Is Connecting to Open Networks Risky?

We often connect to Wi-Fi networks when we’re away from home or the office. We go to a Starbucks and poof! Free Wi-Fi! How great!

However, you’ve surely heard that it can be risky to connect to public or open networks. For example, we recommend that you avoid doing any banking over this type of networks. Even though the FBI uses free Wi-Fi, you need to know how best to use it to reduce the risks of hacks and data breaches.


How to make sure that your connection is secure

Whether you’re at home, at the office, or in a restaurant, a trusted network should always be password-protected (preferably by a passphrase). 

Protecting a network by a password encrypts the web traffic so that an ill-intentioned person is not able to decrypt the data being transmitted over that network. If you haven’t already done so, we strongly recommend changing the default passwords of your networks at home and at the office to a passphrase. 

In addition, it’s always important to make sure that once connected to the Internet, your communication with the websites you’re visiting is secure. How can you do this? It’s simple: verify that the communication protocol being used is “https.” You can look for these letters at the very beginning of the URL (https:// instead of http://) or find the small padlock icon to the left of the URL. To make it even easier, you can add the extension “HTTPS EVERYWHERE” to certain browsers. This extension makes the connection secure whenever possible.

What are the risks of open networks?

On open Wi-Fi networks (which are not password-protected), a person equipped with the necessary programs to listen to the network traffic could intercept sensitive data being transmitted in cleartext (such as the username and password for a bank account).

A frequent type of attack involves creating a fake public Wi-Fi network, whose name is almost identical to that of the legitimate network, to get people to connect to it and thus intercept their sensitive data. 

How to connect securely to an open network

With that in mind, here are some recommendations of good practices when using an unsecured network:

  • Make sure to check that it’s a legitimate network with a person who might know this information (the Starbucks barista, for example).
  • If possible, avoid using this network for accessing confidential or restricted data (bank account, social networks, professional emails).
  • To have more secure access to this data, we recommend using a VPN (virtual private network).
  • When you have the choice between an open network and your cell phone, prioritize using your cellular network.

What exactly is a VPN?

A VPN is like a secure tunnel between your computer and the Internet. Your data is encrypted and your actual IP address (your identification on the Internet) is concealed and replaced with an address provided by your VPN. With VPNs it’s possible to get around national regulations and watch content available on Netflix in another country. The VPN hides your traffic from your Internet service provider and gives you an IP address of another country, so now you have access to the content available solely in that region. 

With a VPN, even your Internet provider can’t have access to your data. Therefore, the VPN can ensure security when working remotely. Several VPNs are available for free download. Others cost money. Choosing a VPN depends on what you need and how you plan to use it. 

How to choose the right VPN

To choose a VPN that meets your needs, we suggest using the following criteria:

  • Performance: Do you need a high-speed transmission rate? Are you going to use the VPN for video conferencing or simply for answering emails?
  • Data protection: If you manage restricted or highly confidential data, make sure that your VPN has a good reputation in this regard. 
  • Quantity of data that needs to be transmitted through the network: Do you need the occasional secure connection or does the work you do at home rely exclusively on the proper functioning and availability of the VPN? Some VPNs (especially the free versions) limit the data that can be transmitted over the network. 
  • Operability of the VPN on the devices you use (Mac, Windows, iOS, Android): Always verify that the chosen VPN is available on your devices and those predominantly used by the members of your team.

You can find many free VPNs. However, their services (and their quality, let’s say) are often limited. If you need a VPN to help you out occasionally in a Starbucks or airport, maybe a free product will do the trick. Otherwise, you’ll most likely need a paid service. 

Since a VPN will transmit all your traffic literally by another route, and since it encrypts it in transit, you need to expect a certain latency. Depending on the features of the VPN that you’ve selected, the latency will be higher or lower. The only way to find out and assess whether the VPN is satisfactory is to test it over several days, at different times of the day, and on different networks. Most VPN services offer free trials for periods between one week and one month. We recommend using this time to ensure that the product meets your needs.


Recap

  • Always opt for connecting to a password-protected Wi-Fi network. 
  • When that’s not possible, prioritize browsing via your cellular network.
  • You can also use a VPN to help you out when connecting to an open network.
  • We recommend always changing the identifiers received during the installation of your Internet service to a passphrase. 

Useful links

Chapter 5 How to Tell If an Email Is Cool or Scam All the Chapters