Is Free Public Wi-Fi Safe?

If you work remotely or travel a lot for your job, you probably take advantage of free public Wi-Fi often. Unfortunately, that probably means you’re regularly opening up your devices and your data to serious security threats. And if you’re a heavy user of cloud services, which often store your data on a remote server rather than your computer, Wi-Fi security is even more crucial.

Most people these days have password-protected networks at home, so it’s unlikely that anybody is able to snoop on your data as it passes between your device and your router. But when you’re surfing the Web via a free public Wi-Fi at a cafe, library or airport, you should be suspicious of everyone, says technology consultant Leo Notenboom of Ask-Leo.com. “It’s trivially easy for any of them to be watching your unencrypted information flying by.”

Here’s what you need to know to stay safe next time you’re surfing on a free public Wi-Fi connection.

Free Public Wi-Fi Tip No. 1: Turn on your firewall.
The cafe might use firewall software to protect your computer from outside attacks, but that doesn’t protect you from other people surfing around the same Wi-Fi network inside the cafe. Be sure your computer’s firewall is turned on.

Free Public Wi-Fi Tip No. 2: Protect your smartphone or tablet.
If your smartphone or tablet connects to Wi-Fi networks, require it to ask your permission before joining any network. A lot of people never change the default network name, so if you logged on to your friend’s “linksys” network, your device will remember that and could automatically join any network of the same name in the future -- unless you tell it to ask your permission first.

Free Public Wi-Fi Tip No. 3: Use strong encryption.

Encryption works by disguising data that your computer wirelessly sends to a router. Without it, that person sitting near you at the cafe could use special software to intercept and see all the data that travels back and forth between your device and the router. And that means everything: emails, passwords and things you search for. That’s why it’s imperative, says Notenboom, to use encrypted sites when possible.

How do you know when a site offers encryption? Instead of “http” at the beginning of the address, you’ll see “https.” You’ll also see a little padlock icon in your browser window, usually on the bottom right.

What else should you consider encrypting?

  • Your email. If you use a locally installed email program such as Outlook or Entourage, you can protect your mail and passwords by using something called SSL (secure sockets layer) on each of your accounts. This encrypts all your data when you send and receive email. Not all email providers allow the use of SSL, though, so check your provider’s help page.
  • Your Facebook and Twitter pages. Facebook and Twitter recently began offering encrypted sessions; just go into your account settings and find the option that says “Always use https.”
  • Your Google search. If you think the keywords you’re searching could be embarrassing or you prefer to keep your privacy, try the secure version of Google search. Instead of going to Google.com, do all of your searching at Encrypted.Google.com.
  • Everything. Consider a VPN service. VPN stands for virtual private network and encrypts everything you send and receive. You can download free mobile VPN software from such a site as Hotspot Shield and everything -- instant messages, passwords, emails and websites -- will be virtually impenetrable to prying eyes whenever you’re using a free public Wi-Fi connection. Or if your employer offers its own VPN, always connect to it through your computer or mobile device.

“That guy in the corner of Starbucks with his laptop -- do you trust him with your private data?” asks Notenboom. Follow these Wi-Fi safety tips, and you won’t ever have to ever wonder.

Keep Your Data Safe When Telecommuting

Thanks to the Web, more and more people are working remotely -- from home or anywhere. But not commuting anymore doesn't mean you don't have the same security issues that your corporate-office counterparts do. Here's how to protect your data, devices and computer without an IT department:

1. Back up your data in the cloud.
It’s easy to lose all your work: One computer virus or hard-disk-drive meltdown, and your important files may vanish forever. That’s why, when working from home, backup is crucial. Instead of depending on bulky hardware, try the many cloud services on the Web. They back up new content every night while you sleep, keeping your files safe and allowing you access from any computer at any time.

"Backup used to be cost-prohibitive," says Phil Montero, founder and CEO of an online resource called You Can Work From Anywhere. But these days, many online services charge as little as $50 per year, depending on your needs. Mozy even offers certain amounts of backup for free. If you’re only backing up documents, Google Docs is another good bet.

2. Protect your computer and critical files.
If your employer issues you a PC or laptop to use at home, they'll often install security software or a Web-based security service to block viruses or bar hackers. But if you are self-employed, the burden of protecting your computer and data from the increasing array of online security threats falls squarely on your shoulders.

When choosing a cloud-based security service, be sure it protects your computer with antivirus, spyware and firewall programs. It should also constantly updates to protect you against evolving threats.

You should also limit your family members’ access to your work computer. "You have to be sure that the really critical stuff isn't made accessible to someone who shouldn't have access to it," says Jack M. Nilles, founder of JALA International, a global telecommuting consulting company. "That includes the kids getting on your computer and downloading something [harmful]."

Finally, keep passwords and ID numbers private so they don’t fall into the wrong hands.

3. Seamlessly collaborate with others.
Whether you work on your home computer once a week or full time, if you need to share files with colleagues, synchronization tools can help ensure you (or your team) are working on the correct or latest version of a document. The “old” way to do this was to copy the files from your home computer onto an external hard drive, CD or thumb drive and install them on your work computer. But this process sets you up for accidentally writing over the most recent files -- and what if this external backup device you were depending on is destroyed or lost?

Cloud services enable you to sync automatically to ensure speedy backups. Or try Microsoft’s FolderShare, which allows you to synchronize files with colleagues over the Web.

There's no doubt to the benefits of Web to the home office worker. That said, you want to be smart about security issues. To really cover your bases, in addition to backing up and securing your data, Niles also says it's important to get a clear protocol from your company or clients: "We recommend that telecommuters working for a company have a formal agreement specifically stating who is responsible for what." This way, you can always fall back on the agreed-upon security plan for your best-quality work away from your IT department.

How to Prevent Identity Theft

You’re ready to drive that new minivan off the lot when the salesperson gives you the bad news: You didn’t qualify for the loan. He shows you your credit report with numerous unpaid accounts. Until today, you thought you had perfect credit.

“If a thief has your social security number and date of birth, he can look legitimate on a credit application,” says Beth Givens, director of the Privacy Rights Clearinghouse, a nonprofit information and consumer advocacy organization. “I’ve seen people lose their dream homes because they suddenly can’t qualify for a mortgage.”

Sounds scary, but don’t pull the plug on your computer just yet. You can reduce the risk of online identity theft by taking these steps:

Identity Theft Tip No. 1
Understand phishing and spyware.

Have you ever gotten an email that claims to be from your bank or favorite online auction and says something along the lines of “You must restore account access” or “Your credit card number on file is about to expire”? Well, most of these emails are actually sent by phishers, who take you to a spoof website where you unknowingly enter your account information -- only to have it stolen. Delete emails that ask you to reveal sensitive information, because reputable companies will never ask for your account information via email.

You also need to beware of spyware. These programs sneak onto your computer through email and pop-ups. Then they gather data as you type and send your passwords and other sensitive information to malicious hackers. Use antispyware software or an online security service to keep your computer and devices safe.
 
Identity Theft Tip No. 2
Read the privacy policy before giving up your social security number.

Here’s the thing: Your online DVD rental service doesn’t need your social security number to set up your account. In general, be stingy with the data you give out online. Always read the site’s privacy policy to see why it needs your data and how it will be used. Also monitor your accounts. Federal law entitles you to one free copy of your credit report each year. Get a copy of your credit report and then go over it carefully to spot potential red flags.

Identity Theft Tip No. 3
Don’t use real words in your passwords.

If your passwords include words from the dictionary, your birth date, the year you graduated college or the name of someone close to you (even spelled backwards), a criminal can easily figure them out on their own or with the help of specialized software. Instead, create passwords with more than six characters, and combine letters and numbers. For example, you might create a password that sounds like something you can easily remember -- such as lyrics to your favorite song -- but is spelled cleverly with letters and numbers.

Identity Theft Tip No. 4
Don’t give to random charities.
Some unsolicited emails may ask you to contribute to unfamiliar charities or to get involved with real estate offers in other countries. These scams ask you to provide your bank account information online to someone you’ve never met. Once the scammer has your information, he can use it to clean out your bank account or commit other types of fraud. Never respond to email offers asking you for your bank account number or for money. If you have a favorite charity, contribute directly through its secure website.

Identity Theft Tip No. 5
Warn your kids about identity theft.
Filtering software can help prevent your kids from sending out their home address and other personal information via email or the Web. But experts say you shouldn’t rely on technology alone. Make sure your kids know why you don’t want them giving out private data or responding to phishing emails. Let them know that they can always come to you with questions if they’re not sure what to do. Also, gather your kids and check out safety-tip sites like GetNetWise.com together to make learning about online privacy a bit more fun.

If your identity is stolen, your first call should be to the police. Report the theft and get a copy of your police report. You’ll need it when you call the three credit reporting agencies to put a 7-year fraud alert on your account. Also file a report with the Federal Trade Commission. Remember, the earlier you catch identity thieves, the easier it will be to recover.