With almost one billion mobile connections in place, it is easy to understand why these devices are targeted by hackers. Employees connecting at Starbucks, in airports, on planes and in hotels open themselves up to additional security breach risk by accessing information through mobile hotspots. Mobile hotspots can be easy targets for hackers by setting up spoofs to get your employees to unknowingly log into unsecure networks, making them vulnerable to Man in the Middle (MitM) exploits. As an employer, it may be impossible to prevent employees from using hotspots, so it is very important to take steps to protect your business. Below is an example of how hotspot hacking works and how businesses with mobile users can protect themselves.
Is Your Mobile Device Hackable?
According to research by Gartner, almost half of us will first turn to a mobile device for online tasks. Business users in particular rely on mobile connectivity to be productive. Using a open Wi-Fi hotspot may put you and your business at risk of hacking. Most people are aware of the risks, however it comes down to convenience. Hackers can use software that makes a mobile device appear to be connected to a familiar Wi-Fi network, but in reality, all traffic is routed through an imposter that captures your data (MitM). Many mobile applications attempt to stop this type of proxy attack by ensuring a secure, end-to-end SSL connection refusing to make an unencrypted login. However, mobile applications may not always verify the secure SSL connection is actually secure.
Does Your Business Needs a VPN to Protect Mobile Users?
A Virtual Private Network (VPN) is a network that is constructed by using public wires — usually the Internet — to connect to a private network, such as a company’s internal network. There are a number of systems that enable you to create private networks using the Internet as a way for transporting data. These systems use encryption and other security mechanisms to allow only authorized users to have access. One benefit of having a VPN service is the ability to integrate network security policy and enforcement under a single management platform, meaning remote VPN clients automatically inherit a standard set of policies upon login.
Stay Safe by Educating Your Employees
We may know not to use unsecure Wi-Fi, but getting your employees to do so, may be harder. Educating your employees is a first line of defense to prevent data loss and data leak. Training on the threat, exposure and risk of a data leak or loss reminds your employees to be aware.
If you feel your network should be more secure, contact your IT Service Provider to find out how to protect your network within your budget and the security requirements of your business.