Let’s say you need to send an urgent email to a client while you’re at the store. Or, you’re traveling and need to take a Zoom call at your hotel. Maybe you need to access sensitive client data or employee information while on public Wi-Fi. You wonder how you should connect to the internet to do your task. The easiest and simplest thing to do is just pull out your phone and get the job done. But what about Wi-Fi security concerns?

We’ve all heard the warnings that we should never use public Wi-Fi for business. So many things have changed since the pandemic. It’s important to revisit the old rules to see if they apply in our post-COVID-19 world. And Wi-Fi security is a prime example. So I decided to delve into the question to see whether there are safer ways to access an unsecured network. Should some things never be accessed over public wireless?

Remote Working Is Different Today

It used to be much easier to connect over secure wireless. After all, the boundaries between work and home were much clearer. At the time, we thought the boundaries were fuzzy. Then, the pandemic happened. The boundaries completely disappeared. Expectations for always being on reached new levels we didn’t think were possible.

Employees began using their flexibility for working wherever. For some, that meant working for months at a rental home somewhere across the country. For others, it meant taking advantage of the flexibility to go to the store during lunch. Most of us now find ourselves in more situations where we need to handle a work task outside the reaches of our secure internet.

It’s unrealistic for companies to expect employees to never do work over unsecured Wi-Fi. After all, many of them demand, even subtly, that employees be available all the time, no matter what. The right approach is instead to figure out a realistic and practical way to balance security with today’s business needs. And also be willing to accept that being always on isn’t the right answer for the company or employee.

Public Wi-Fi Security Concerns for Business

The next time you find yourself looking to log on to public wireless for work, stop and ask yourself if it can wait. If the answer is yes, then hit the pause button. Add the task to your to-do list for when you are at your office or in range of your secure home internet.

Browsers and sites have HTTPS and traffic encryption that safeguard them when using public Wi-Fi. Therefore, it’s pretty safe for consumers. Business data may be another matter, though, depending on the type of work you do.

If it can’t wait, one option is to connect using cellular data. You can do this by using your phone for the connection, such as using the Zoom app on your phone for your next video call. The other option is to tether another device to your mobile device and then access the internet. Your phone automatically encrypts all data sent over the cellular network. That protects you from many of the common schemes, such as accidentally connecting to fake public wireless or another person nearby using eavesdropping tools to see the data you transmit.

If there is no way to use cellular, such as when you lack a cell signal, another option is to connect over public wireless but use a browser with built-in encryption. This makes it much harder for a threat actor to intercept your data and then gain credentials to access your account.

Are Some Types of Data or Tasks Safer Than Others?

Yes. Maybe. Sort of. Not really. Some types of data are always unsafe to access over public internet because their value to the company is too high to take any risks, such as financial, customer and employee data. This is especially true for data protected by regulations and privacy laws. If you find yourself about to access these types of data over public Wi-Fi, just don’t do it. Sure, it’s very possible that nothing will happen if you do. But the value of the data to the company and the risk to the company if something happens to the data are too high.

But that doesn’t mean that the flip side is true – that it’s safe to access nonsensitive information over public wireless. While you’re connected over public wireless, cyber criminals can cause many types of harm, regardless of what you access. Your device could become infected with ransomware, which you then unknowingly spread to the network. A cyber criminal could also intercept your credentials and then use your access to log in to the network and cause harm. Or you might find yourself in one of many other scenarios that cause other parts of the network and data to be infected.

Do VPNs Improve Public Wi-Fi Security?

Most people assume the answer is to use a virtual private network (VPN). And that’s neither entirely wrong nor completely right. Even though the VPN industry has done a fabulous job of making you think the mere act of connecting through a VPN solves all problems, it’s not that simple. And as you might expect, not all VPNs are created equal. Does your niece in middle school use a free VPN to get around her school’s site blocker to access TikTok while in science class? That VPN is probably not the best choice to use when accessing sensitive information.

Many organizations are increasingly turning to use VPNs that are integrated into their cloud service provider. In addition to following the latest security protocols and protecting your data from current threats, this type of VPN typically does not require extra steps for the user. Importantly, this type of VPN also typically does not cause the internet to run too slowly, as is the case with many VPNs. An integrated solution also makes it much less likely that an employee will forget to log in to the VPN. That happens quite often when it’s a separate step, such as when using a third-party VPN.

As we emerge from our pandemic habits and routines, we can’t and won’t simply go back to the way things worked before. Take the time to create a solution for employees that works for today’s world, not the one before March 2020. That way, organizations can balance the need for safety and productivity when it comes to Wi-Fi security.

More from Data Protection

3 Strategies to overcome data security challenges in 2024

3 min read - There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030.This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need to be right once to seize databases of personally identifiable information (PII), including payment card information, addresses, phone numbers and Social Security numbers.In addition to the ever-present cybersecurity threats, data security teams must consider the growing list of data compliance laws…

How data residency impacts security and compliance

3 min read - Every piece of your organization’s data is stored in a physical location. Even data stored in a cloud environment lives in a physical location on the virtual server. However, the data may not be in the location you expect, especially if your company uses multiple cloud providers. The data you are trying to protect may be stored literally across the world from where you sit right now or even in multiple locations at the same time. And if you don’t…

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today