Tie Down That Wi-Fi: Security in Public Requires Vigilance
Illustration by James Steinberg
Not much these days beats the appeal of free public Wi-Fi. With our mobile devices, it’s actually disappointing when we can’t jump on the Internet whenever we’d like. But security experts like to re mind us that all is not idyllic in the public Wi-Fi landscape. Security presenters at conferences seem to enjoy demonstrating just how easy it is to locate and invade computers connected to the Wi-Fi in the room.
Given the nature of the information lawyers have on their devices and might need to access over the Internet, taking security precautions in a public Wi-Fi setting is especially important for lawyers and their clients.
Keep in mind that security protection is an evolving process and not just a one-time set-and-forget step. In large part, your goal is to deter “opportunity criminals” by making your computer a tougher target than all of the other computers where you are.
Here are some basic tips to make you less of a target when using public Wi-Fi:
l. Get your shields up. You want to understand how vulnerable your computer is—right now, after you take steps to improve security and on an ongoing basis. For many years the easiest way to determine that has been to run the diagnostics at Shields Up. This project of computer security expert Steve Gibson will scan and report on your system’s vulnerabilities.
The site also provides a wealth of educational materials about good security practices that can be adopted. As Gibson puts it: “Anything that can display a webpage—desktop, laptop, netbook, phone, tablet—can be tested with Shields Up.”
2. Get the firewall. Besides blocking ways outsiders can get into your computer while allowing desired activity, some firewall programs can identify or block malware from sending data out of your computer. Both Win dows and Mac OSX have built-in firewall programs; you’ll want to check that they are turned on and properly configured. Some experts are critical of this basic firewall software, so many people have turned to firewall programs like ZoneAlarm PRO Firewall ($59.95 for up to three PCs, but there is a basic version for free). After you enable a firewall program, check Shields Up again and look for changes in your report.
3. Turn off file-sharing. A major vulnerability, especially on a Windows computer, comes from having sensitive files in folders where file sharing is permitted. Someone who gets to your computer can then access everything in those folders. As a general principle, you can turn off and on file-sharing for individual folders. A good idea is to have only one “public” folder where you can put files that can be shared only when they need to be shared.
4. Get malware protection. If you’ve read anything lately about botnet attacks, you’ll know that a primary goal of malware is to allow bad actors to take over your computer and launch cyberattacks over the Internet. Good anti virus/malware protection is a must today. A sound practice is to scan for malware after you’ve used any public Wi-Fi network.
5. Use good security hygiene. If you will be in a public Wi-Fi setting, you need to concentrate on good se curity practices. Use a virtual private network if you have that option available to you. Evaluate your surroundings and the people around you.
Download sensitive documents at your office before you go to a coffee shop. Use strong passwords. Activate security protections for social media accounts. Be hesitant to use online banking, e-commerce and other sensitive services in a public setting.
Make sure that when you see multiple Wi-Fi networks at a location, you use the correct network and avoid any network called public Wi-Fi. Use common sense, update programs, be aware of current security issues, and follow the instructions of your IT department or consultant.
Public Wi-Fi can help lawyers in many ways, both to do their work and to be more responsive to clients. However, never assume that your computer is safe on public Wi-Fi. In fact, it’s best to assume that your laptop is always a target. A few simple steps can help you be safer, but the key is to remember that good security is an ongoing process and commitment.
Dennis Kennedy is a St. Louis-based legal technology writer and information technology lawyer. DennisKennedy.com is his website and the home of his blog.
