Recently, I visited a good-sized company, and I needed to access my email. I flipped open my laptop, found the network, and easily guessed the password -- the name of the company. Sure, it’s convenient for visitors who have good intentions, but what about passersby who are looking for a hotspot to use for less innocuous purposes?
Most of the time, unaware individuals or mom-and-pop cafes offering free WiFi are the culprits, but corporations leave themselves vulnerable by creating wide-open hotspots, too. Here are five things that can go horribly wrong for any organization (or individual) leaving its wireless networks open:
The Recording Industry Association of America (RIAA) and the Motion Picture Association of America (MPAA) don’t just go after the individual who downloads copyrighted content. Their lawyers take aim at network providers, and that includes businesses that provide network hotspots. The RIAA and MPAA can claim negligence on the part of the business for not securing their Internet access. A case filed earlier this year in Federal court could determine just how liable negligent businesses are for misuse of their corporate hotspots.
Copyright lawsuits are bad enough, but what if some miscreant is downloading child pornography or committing fraudulent acts while using your company’s hotspot? Internet service providers (ISPs) enjoy a certain amount of immunity -- but hotspot providers do not. Courts haven’t taken on this thorny issue, but they will soon enough.
Intellectual property theft.
While most of the computers on your corporate network aren’t using the hotspot, there is always that one person who is hunkered down on her laptop in the conference room. She’s connected to the wireless network, and since this is the office, she’s set the network as a “trusted” network. All it takes is a savvy miscreant to jump on the wireless network and access her files, and trade secrets or regulated documents could easily fall into the wrong hands.
Becoming a worm hotspot.
You’ve installed antivirus software on every computer on the network -- that is, every computer you control. But viruses aren't the only security threats. With an open wireless network, your servers could easily become a distribution point for worms or a home for distributed denial of service (DDoS) attacks.
Termination of your Internet access.
Some wireless service providers can hold corporate customers responsible for violating Terms of Service (ToS) by endangering network security. If your corporate WiFi leads to security problems, your access could be terminated.
Companies do have options to avoid these problems. First and foremost, create a separate wireless hotspot for visitors. Not a single employee should be connecting to this hotspot.
Second, lock down the hotspot. You can still offer wireless access to guests, but invest in a log-in system that includes an acceptable use policy that users must agree to before they can access the Internet. (Think about when you use the WiFi at Starbucks: You have to agree to their ToS before you can check out Facebook.) This covers you in case someone decides to download the latest Twilight movie while visiting your site or using your WiFi from the parking lot.
Remember, you can be held liable for what people do with your Internet. Keep your network protected.
Some companies are unwilling to set up a separate hotspot with TOS because they don't want the expense, and others set up hotspots and password protect them (which may not be enough to protect their sensitive data). But enterprises can't afford to take these risks.
I like how you laid out the risks so clearly. Unfortunately, many companies fail to see that and are pretty careless with their networks (like the one you mentioned.) Creating a separate hotspot for visitors and setting up a log-in system for outsiders to access the network are good starting points to securing corporate WiFi.
I admit that having to obtain login information or click through as TOS agreement might be a pain sometimes, but if users really want WiFi, then there's no hurdle they won't be willing to go through.
I don't remember where I read it, but it was a gas station owner complaining about how it is that they got stuck with providing bathrooms for everyone on the highway system. That said, it's awfully convenient for travelers that, by and large, you can count on finding public restrooms at gas stations.
So what is it that is going to become the 'public wifi' provider? Starbucks? McDonald's? Something else? I've even seen some state and interstate highways provide wifi on their own at every rest stop, which is great, but it'd be nice to have it everywhere. (Of course you've got the problem of providers making municipal wifi illegal.)
The one complication is that these connections often aren't encrypted, and ISTR the EFF attorneys saying a few months back at Black Hat that there was some legal liability you opened for yourself if you didn't use encrypted connections. I don't recall what it was, though.
I'm wondering if this overlaps with consumer wifi (not corporate) too. I was told this by the technician who "installed" my internet connection. (I believe they do this for revenue purposes as it's not free. not complaining because I'm happy with the different policies by the branch of TW here than other places I've lived).
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
Retailers want to personalize shopping in brick-and-mortar locations that have essentially become showrooms for online retailers. They’re capitalizing on the smartphones customers own by looking at products that involve existing Bluetooth technology.
This morning, Fairfax Financial's $4.7 billion deal to take BlackBerry private crashed unceremoniously on the rocks and CEO Thorstein Heins is being forced to walk the plank, but that doesn't mean BlackBerry itself is dead. Pundits can hold off on BlackBerry's eulogy for a bit, because the report recently released by Yankee Group indicates that BlackBerry is healthier than those digging its grave would have you believe. The company is still selling more phones than other manufacturers -- more than Nokia's Lumia, Motorola's X, or HTC's One. Its near-billion-dollar loss is non-cash, and BlackBerry still has $2.6 billion in US dollars in the bank.
After being lamented and lambasted since its July 31 implementation, word on the street -- or at least, on Listservs dedicated to tech professionals -- is that the unpopular software services tax on Massachusetts businesses is going the way of the Yankees’ hopes for the World Series.
News coming out of Canada last week wasn’t good for die-hard fans clutching their Q10s: BlackBerry is looking for a buyer. It’s considering takeover bids, and speculation is running rampant: Will it be Apple, Dell, or maybe Samsung that snaps up the company that was once the pride of Waterloo, Ontario? One thing is certain: pundits are already picking out the company’s casket and readying the burial plot.
For Massachusetts businesses, July 31 is normally just the MLB trade deadline, when employees are more interested in who the Red Sox axed than actual work. But this year, July 31 was also the day a new IT services tax kicks in. Wrapped up in a transportation bill, H.3535, the tax is defined in Section 48 and 49 and applies a 6.25 percent services tax to "computer system design services" and software services.
With the advent of low-cost Web cameras and broadband network connections, home security systems have become a hot business. In addition to traditional security suppliers, like ADT, the market is attracting telcos, cable companies, and energy providers, thereby creating an area of increasing competition.
A survey by JD Powers found that customer interest in product features is lessening as phones evolve. Rather than features, price is driving purchases, and that change could have a dramatic impact on how IT departments secure these devices.
Watching TV is not healthy for you, according to conventional wisdom. Well, that may soon change. Comcast and United Healthcare are now delivering diabetes prevention videos on-demand to high-risk patients. The partnership illustrates how healthcare may be delivered in the future.
Over 20 percent of Verizon's workforce is on strike, thanks to the company's efforts to make up for reduced wireline revenues by reducing the value of wireline union jobs. Given Verizon's current profitability, it's time for management to find a better solution.
Maybe Google+ will be competitive and maybe it won't, but it's likely to introduce video calling and OTT communications as a replacement for standard telephony. There will be major consequences to this, and we don't have an FCC or political framework capable of coping.
You've heard the expression, "Out of the frying pan, into the fire?" Amazon lives in the fire. The e-tailer wins by keeping things hot for its competitors, employees, and itself, according to a new book.
Positec, a manufacturer of power tools for homes and commercial applications, achieves greater customer service flexibility and cuts hold times in half by using a cloud-based service to manage its call center.
Big-data and analytics tools enable marketers to understand customers as individuals, identifying unmet needs and addressing each customer as a "segment of one," says John Kennedy, VP corporate marketing, IBM.
Expert Integrated Systems: Changing the Experience & Economics of IT In this e-book, we take an in-depth look at these expert integrated systems -- what they are, how they work, and how they have the potential to help CIOs achieve dramatic savings while restoring IT's role as business innovator. READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE! REGISTER HERE
Wanted! Site Moderators Internet Evolution is looking for a handful of readers to help moderate the message boards on our site as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?