How a $5 cup of coffee could cost your company $10,000+ dollars

coffeeWe’ve all been there. Racing between appointments, suddenly realizing that you forgot to send one of your best clients an important document that needs to arrive within 10 minutes.  Being the super resourceful all-star executive (although sometimes forgetful), you stop off at your local coffee shop, order your mocha latte and quickly connect your laptop to the free Wi-Fi. You draft your email, attach your important document, and press send with one minute to spare. The day is saved!

Upon returning to the office, you see your IT security staff running around with their hair on fire yelling something about an intruder who breached the network and stole a 10,000-record database of sensitive customer information and how it can cost the company up to $3 per record to mitigate and protect your valuable customers.

In today’s world of always-connected, free Wi-Fi, this scenario is all too real.

If you send an email, share photos, update your Facebook page, post to your Twitter account, check in on FourSquare over an unprotected, open, Wi-Fi connection, you are sharing personal information over the Internet (and possibly a Wi-Fi access point controlled by a malicious threat), and you are putting yourself and your organization at risk of being breached.

Well, how do you protect yourself? There are some simple, commonsense ways to reduce your exposure:

  • DISABLE AUTO JOIN: By disabling auto joining of Wi-Fi networks, you can ensure that your cell phone, laptop or tablet doesn’t automatically connect an unsecure network without your knowledge.
  • USE FULLY ENCRYPTED SITES: When using a Wi-Fi hotspot, only login or send personal information to websites that you know are fully encrypted. Most browsers will indicate that a website is fully encrypted when it has an https: header versus a http: header, or a padlock in the URL window.  If your browser doesn’t provide this sort of service, you should probably find a different browser.  All major browsers such as Mozilla Firefox, Google Chrome, Microsoft Internet Explorer and the Opera browser provide this capability.
  • SIGN OUT: Sign out of your accounts when you’re done so unencrypted sessions don’t remain open between Internet sessions.
  • USE UNIQUE PASSWORDS: Establish a strong, unique password for each site that you log into.  We will address this in another blog, but creating a unique password for each site is one easy way to increase your security dramatically.
  • USE A VPN: If you regularly access accounts through Wi-Fi hotspots, you might want to consider using a virtual private network (VPN).  VPNs encrypt traffic data between your computer and the Internet, and unsecured networks. Most companies have a virtual private network. However, if you don’t have access to a corporate VPN, there are several ways you can obtain a personal VPN.  Here are just a few:
  1. Private Internet Access:  https://www.privateinternetaccess.com/
  2. Norton Hotspot Privacy: https://hotspot.norton.com/desktop/home.html
  3. Hotspot Shield Elite: https://www.hsselite.com/

For a review of the top 10 VPN providers you can visit PC Magazine at http://www.pcmag.com/article2/0,2817,2403388,00.asp

Following just a few simple steps can greatly increase the security of your personally identifiable, healthcare, financial and other sensitive information when using public Wi-Fi hotspots.  Get in the habit and encourage others to do so too. Please share this information with the rest of your team.