Story image

Employees who use public wifi are playing a game of risk, says CompTIA

20 Mar 2017

Employees could be putting your organisation at risk just by the wireless networks they use, says tech industry association CompTIA.

Employees who use unsecured networks, such as public Wifi networks, could compromise an organisation’s entire internal network if there is a breach, exposing potentially sensitive company data.

A survey by GFI found that 95.6% of respondents used public Wifi to carry out work tasks. While they might know the risks, they value conducting business rather than protecting data. They also believe they won’t be a target, so don’t take adequate steps to data protection.

Sean Murphy, CompTIA’s ANZ channel community executive council member and owner of Nexus IT says that anyone can potentially see devices on public wifi networks. He believes that even those who switch their device configuration to ‘public network’ aren’t protected.

“Cyber criminals have network analysers on their smart phones to see what operating system and IP address people are using, to engage in attacks on their system,” he says. 

Further, anyone on the network can see and explore the device. Traffic can be intercepted stealthily, creating opportunities for malicious activity such as man–in-the-middle attacks, and identity and data theft. With many professionals using public Wi-Fi to conduct business in an increasingly mobile world, businesses must consider whether the risk is acceptable,” he continues.

CompTIA says that employees should avoid:

  • Logging into personal accounts. Public networks allow hackers to see login credentials and save them for later
  • Using banking or actions that involve personally identifiable information, such as checking statements, credit card accounts and logging into email accounts through browsers
  • Logging into business accounts
  • Sending messages through social apps such as Facebook, Messenger and Skype as these are not encrypted and can be intercepted.

“Many businesses are failing to ensure that mobile devices are secure whether they are company-issued or BYOD. Many have little or no security, no passwords set up, no encryption and no security software. This put the company, the employee and customers at risk of suffering a cyber attack,” Murphy says. 

“While public Wi-Fi may be convenient and can add business value, employees should be mindful and take precautions. If possible, employees should wait until they are back in the office or can access a secure Wi-Fi connection before accessing sensitive files or systems,” he concludes.

New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.