Let’s say you need to send an urgent email to a client while you’re at the store. Or, you’re traveling and need to take a Zoom call at your hotel. Maybe you need to access sensitive client data or employee information while on public Wi-Fi. You wonder how you should connect to the internet to do your task. The easiest and simplest thing to do is just pull out your phone and get the job done. But what about Wi-Fi security concerns?

We’ve all heard the warnings that we should never use public Wi-Fi for business. So many things have changed since the pandemic. It’s important to revisit the old rules to see if they apply in our post-COVID-19 world. And Wi-Fi security is a prime example. So I decided to delve into the question to see whether there are safer ways to access an unsecured network. Should some things never be accessed over public wireless?

Remote Working Is Different Today

It used to be much easier to connect over secure wireless. After all, the boundaries between work and home were much clearer. At the time, we thought the boundaries were fuzzy. Then, the pandemic happened. The boundaries completely disappeared. Expectations for always being on reached new levels we didn’t think were possible.

Employees began using their flexibility for working wherever. For some, that meant working for months at a rental home somewhere across the country. For others, it meant taking advantage of the flexibility to go to the store during lunch. Most of us now find ourselves in more situations where we need to handle a work task outside the reaches of our secure internet.

It’s unrealistic for companies to expect employees to never do work over unsecured Wi-Fi. After all, many of them demand, even subtly, that employees be available all the time, no matter what. The right approach is instead to figure out a realistic and practical way to balance security with today’s business needs. And also be willing to accept that being always on isn’t the right answer for the company or employee.

Public Wi-Fi Security Concerns for Business

The next time you find yourself looking to log on to public wireless for work, stop and ask yourself if it can wait. If the answer is yes, then hit the pause button. Add the task to your to-do list for when you are at your office or in range of your secure home internet.

Browsers and sites have HTTPS and traffic encryption that safeguard them when using public Wi-Fi. Therefore, it’s pretty safe for consumers. Business data may be another matter, though, depending on the type of work you do.

If it can’t wait, one option is to connect using cellular data. You can do this by using your phone for the connection, such as using the Zoom app on your phone for your next video call. The other option is to tether another device to your mobile device and then access the internet. Your phone automatically encrypts all data sent over the cellular network. That protects you from many of the common schemes, such as accidentally connecting to fake public wireless or another person nearby using eavesdropping tools to see the data you transmit.

If there is no way to use cellular, such as when you lack a cell signal, another option is to connect over public wireless but use a browser with built-in encryption. This makes it much harder for a threat actor to intercept your data and then gain credentials to access your account.

Are Some Types of Data or Tasks Safer Than Others?

Yes. Maybe. Sort of. Not really. Some types of data are always unsafe to access over public internet because their value to the company is too high to take any risks, such as financial, customer and employee data. This is especially true for data protected by regulations and privacy laws. If you find yourself about to access these types of data over public Wi-Fi, just don’t do it. Sure, it’s very possible that nothing will happen if you do. But the value of the data to the company and the risk to the company if something happens to the data are too high.

But that doesn’t mean that the flip side is true – that it’s safe to access nonsensitive information over public wireless. While you’re connected over public wireless, cyber criminals can cause many types of harm, regardless of what you access. Your device could become infected with ransomware, which you then unknowingly spread to the network. A cyber criminal could also intercept your credentials and then use your access to log in to the network and cause harm. Or you might find yourself in one of many other scenarios that cause other parts of the network and data to be infected.

Do VPNs Improve Public Wi-Fi Security?

Most people assume the answer is to use a virtual private network (VPN). And that’s neither entirely wrong nor completely right. Even though the VPN industry has done a fabulous job of making you think the mere act of connecting through a VPN solves all problems, it’s not that simple. And as you might expect, not all VPNs are created equal. Does your niece in middle school use a free VPN to get around her school’s site blocker to access TikTok while in science class? That VPN is probably not the best choice to use when accessing sensitive information.

Many organizations are increasingly turning to use VPNs that are integrated into their cloud service provider. In addition to following the latest security protocols and protecting your data from current threats, this type of VPN typically does not require extra steps for the user. Importantly, this type of VPN also typically does not cause the internet to run too slowly, as is the case with many VPNs. An integrated solution also makes it much less likely that an employee will forget to log in to the VPN. That happens quite often when it’s a separate step, such as when using a third-party VPN.

As we emerge from our pandemic habits and routines, we can’t and won’t simply go back to the way things worked before. Take the time to create a solution for employees that works for today’s world, not the one before March 2020. That way, organizations can balance the need for safety and productivity when it comes to Wi-Fi security.

More from Data Protection

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

SpyAgent malware targets crypto wallets by stealing screenshots

4 min read - A new Android malware strain known as SpyAgent is making the rounds — and stealing screenshots as it goes. Using optical character recognition (OCR) technology, the malware is after cryptocurrency recovery phrases often stored in screenshots on user devices.Here's how to dodge the bullet.Attackers shooting their (screen) shotAttacks start — as always — with phishing efforts. Users receive text messages prompting them to download seemingly legitimate apps. If they take the bait and install the app, the SpyAgent malware gets…

Exploring DORA: How to manage ICT incidents and minimize cyber threat risks

3 min read - As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM's 2024 Cost of a Data Breach report. This underscores the need for robust IT security regulations in critical sectors.More than just a defensive measure, compliance with security regulations helps organizations reduce risk, strengthen operational resilience and enhance customer trust.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today