At the train station, in a hotel, in a coworking space or at a trade fair, hopping onto public Wi-Fi has become second nature. Convenient, certainly — but it is a network you do not control, and it can expose both your personal data and your company's.
Why an open network is exposed
ENISA, the European Union Agency for Cybersecurity, recommends connecting via secure networks and avoiding open or free ones: on an insecure connection, people nearby can snoop on your traffic, and more technical attackers may even hijack the connection.
Safeonweb, the initiative of the Centre for Cybersecurity Belgium (CCB), highlights a second danger: fake networks. A cybercriminal can quite easily set up a fraudulent Wi-Fi network with an enticing name close to the legitimate one (for instance "HotelSunandSee_superfast" next to the official "HotelSunandSee"). Connect to it, and the criminal can intercept your online activity.
Before connecting: four habits
- Prefer your mobile network. 4G is always safer than public Wi-Fi. If your data plan allows it, use your phone as a hotspot for your laptop.
- Ask for the exact network name (SSID) at the front desk, and choose a password-protected network over a fully open one whenever possible.
- Turn off auto-connect: your device should not search for and join Wi-Fi networks without you noticing.
- Install a VPN, your "personal secure tunnel" through the Wi-Fi network. For corporate applications, ENISA recommends encrypted communication channels (a corporate VPN) and multifactor authentication on application portals.
During the session: limit the risks
- Do no banking or other important transactions over an open Wi-Fi network.
- Avoid creating accounts or typing passwords: they could be intercepted. Also avoid installing new applications while connected.
- Browse only secure websites, recognisable by the https:// address.
- Do not exchange sensitive company information over a possibly insecure connection.
- In a shared space, lock your screen as soon as you step away.
After use: disconnect cleanly
Leave the network as soon as you no longer need it, and make your device "forget" public networks so it does not reconnect automatically. Finally, keep your operating system, applications and antivirus up to date: it is a baseline protection in any mobile situation.
These recommendations from Safeonweb (CCB) and ENISA are general: your employer's security policy may impose stricter rules, such as mandatory use of the corporate VPN or an outright ban on public networks. When in doubt, your IT department remains the first point of contact.