Risky Business: Eliminate the Dangers of Wi-Fi with Cellular-Equipped Laptops
The initial spread of public Wi-Fi hotspots was a welcome computing advancement that changed how we work and play. It meant that no matter where we were or how we got there – café, hotel, airport, train, plane or automobile – we were no longer cut off from the latest financial spreadsheet or episode of Mr. Robot. Unfortunately, over the years a danger has emerged regarding the use of public Wi-Fi – cyberattacks – that have led many businesses to restrict or eliminate its use in employee laptops in favor of a more secure technology: cellular.
The cyber risks posed by public Wi-Fi hotspots are well documented:
- Unsecured or unencrypted hotspots open the door to cyber attackers who can easily steal credentials, intercept communications, or infect devices with malicious code.
- Laptops and other devices that use Virtual Private Networks (VPNs) can extend security from the hotspot to an enterprise's private network, but the Wi-Fi hotspot itself is still vulnerable, which means the laptop or another device, as well as ultimately the enterprise's VPN itself, can still be attacked.
- Even the latest solution for secure mobile connectivity, creating a personal Wi-Fi hotspot using a cellular-connected smartphone or tablet, is vulnerable. Although the mobile device’s cellular connection is secure, the connection from the laptop to the Wi-Fi hotspot may still be subject to attack.
But the biggest shock for Wi-Fi users is that even being near a public Wi-Fi hotspot can be dangerous if the mobile device’s Wi-Fi connection is turned on – even if the device is not logged on through the hotspot! Using inexpensive hardware and software tools, attackers can use this method to sniff or intercept traffic to spread malware or gain access to email, instant messages, or VoIP conversations.
As a result of these risks, businesses are increasingly restricting their employees from using public Wi-Fi hotspots. A survey conducted by independent market research firm Vanson Bourne found that nearly 70 percent of responding organizations in France, Germany, the UK, and the U.S. said they forbid mobile workers from using free Wi-Fi hotspots some or all the time. Another 15 percent said they planned to do so in the future.
Beyond simply banning the use of public Wi-Fi hotspots, some employers, particularly in financial services and other highly regulated industries, require employees to use more secure laptops – or even ban the use of laptops entirely – when traveling, especially in parts of Asia where internet security is very challenging.
The secure cellular solution
A much more secure alternative to using Wi-Fi hotspots is to equip laptops with cellular connectivity instead. In order to operate cellular networks, mobile operators must agree to comply with government laws and regulations regarding customer confidentiality. In addition, most cellular contracts include an obligation on the part of the mobile operator that they provide their customers with a secure network. Given these regulations and contractual obligations, mobile operators have built their cellular networks to be as secure as possible, with multiple layers of defense.
For example, cellular connections with carrier networks have the following characteristics:
- Every device logging onto a cellular network identifies itself and must be authorized to join the network.
- Every data transmission is encrypted, making the data unreadable in the event it is intercepted.
- Cryptographic operations, secure authentication protocols and built-in algorithms protect the air interface between the laptop and base station and between the base station and security-enabled gateway. This means the entire communication loop is protected.
In addition to these mobile operator cybersecurity defenses, enterprises can implement defenses of their own with cellular-connected laptops. For example, technologies now exist that enable enterprise customers to monitor cellular connections to their networks, allowing them to screen these connections for compliance with their security policies.
Equally important, cellular services are now easier to use and more cost-effective than ever. Cellular providers have now begun offering short-term access to their networks (hourly, daily, weekly, monthly, etc.), providing enterprises new internet access strategies that don’t rely on Wi-Fi. These strategies include pay-per-use data rates, which may benefit low-volume users, and unlimited LTE access for a defined period of time, which may benefit users that periodically need to download large files or stream media. For example, Microsoft’s new pay-as-you-go cellular data plans for Windows 10 devices enables traveling employees to have the access they need, when they need it, without the company having to commit to a long-term contract with a single carrier.
In addition, the worldwide availability of cellular connectivity means mobile workers will have access to a cellular network just about anywhere they travel. And evolving regulations continue to make this even easier. In the EU, for example, residents can now travel freely across country borders without incurring the steep roaming charges they used to face. This is a huge benefit for businesses that want their employees to use cellular instead of Wi-Fi for laptop data connectivity.
Given the high financial and reputational damage caused by hacks, ransomware, and other cyberattacks, it is no surprise that companies today rank cyber threats their second biggest concern. By using cellular-equipped laptops, businesses can make their organizations more secure while increasing employee productivity with fast, global wireless connectivity.
Recommended For You
Managing device performance and securing IoT on enterprise networks requires a more comprehensive approach than conventional BYOD infrastructure management delivers.
It’s time to check your computer network because the bane of many a digital security professional’s existence has returned!
Network security is complex and challenging. If you want to strengthen your network security, never follow these four tips.
In the case of cloud-deployed systems that have exposed our data, that silver lining is that we know more about where and how these breaches occur.
IT and security teams must work together to ensure a company’s entire infrastructure is protected, regardless if workloads are run on-premises or in the cloud.