By Jason Hoenich on Dec 13, 2018
Whether you’re more productive in your local coffee shop than the home office or you’re traveling for business and working from the hotel lobby or airport lounge, the lure and convenience of public Wi-Fi is strong.
However, if you log onto that public connection, you’ll be sharing the network with dozens, if not hundreds, of other people, which means your data isn’t safe—even if you connect to Wi-Fi with a password. Every time you log onto a public network, your computer sends and shares tons of information, but there is a smarter and better way.
Instead of digging through your security settings every time you plan on using public Wi-Fi and tweaking your settings, take these five common-sense steps to change your ways and keep your data safe:
1. Stick to Common Sites
If you need to access your work email, post some selfies on Facebook, check your bank balance after buying that selfie stick, or do some holiday shopping on Amazon, either wait until you’re at home, work on a trusted network, or access the apps from your phone.
When you’re on your laptop on public Wi-Fi, stick to well-known, harmless sites such as YouTube and Google News. Keep the sensitive browsing to safer networks.
2. Install Security Software
Be proactive and preempt potential issues by installing anti-malware software on your computer and security software onto your browser. If you don’t already have something installed, check out Malwarebytes, which is available for all iOS, Android, Mac, and Windows devices. Malwarebytes protects your privacy through proactive, malware-blasting technology that fights scams, ransomware, malware, and more.
If you’re using Chrome, here are a few solid extensions to install for an extra layer of security:
- Disconnect: This powerful plugin blocks third-party sites from tracking you—and sites load up to 44 percent faster.
- Microsoft Defender: This plugin from Microsoft checks a constantly updated malicious link list to protect you from phishing and malware threats.
3. Strengthen Your Passwords
By now, most people know not to use obvious passwords (we’re looking at you, “P@ssword”), but there are plenty of other best practices that every security professional can agree on that you should know about.
Turn On Two-Factor Authentication
Also known as two-step verification, this feature adds an extra layer of protection for your accounts online. It works like this: After you enter your username and password, you’ll go through a second verification step. This is usually entering a code that was texted or emailed to you or verifying through a third-party app like Google Authenticator.
Password Length Reigns Supreme
Coming up with a super clever and complex password is not as important as making sure your password is 12 or more characters. Believe it or not, it’s harder for cybercriminals to crack long passwords than it is for them to figure out complex passwords.
Most sites require you to use at least six or eight characters and a mixture of letters, numbers, and special characters, but we want you to think long. So, instead of using a password like “G@m3r!8,” go for something like “SteveLovesGamingAllDayLong!” Not only will it be easier for you to remember, but it will give even the most seasoned cybercriminal a run for her money.
Use a Password Manager
Honestly, the best piece of advice in terms of ease of use and security is to use a password manager such as 1Password, LastPass, or Dashlane. Most offer a freemium version, but we recommend springing for the paid version so you’re covered on all devices for all of your passwords.
One caveat: Make sure the password manager you’re using for work logins is approved by your company’s IT department—and don’t mix your personal passwords with your business ones. We recommend using two different managers: one for work stuff, one for personal stuff.
4. Stick with Https
You might have noticed that more and more sites are showing up in your browser as "https" as opposed to "http." That extra "s" adds an extra line of defense, because it means that the site encrypts data passed back and forth between your computer and the web server.
If you’re not sure if you’re on a secure site, look for a padlock icon on the left-hand side of the URL bar. If there’s a padlock and the URL is an https, chances are the site is secure. You can also install a plugin for Chrome called HTTPS Everywhere, which automatically switches most sites from unsecure “http” to secure "https."
It’s not a silver bullet, but it takes you one step further in adopting healthy digital habits.
5. Tether to the Web
Although most security professionals will tell you to connect to a public Wi-Fi network through a virtual private network, or VPN, we actually aren’t fans. Although VPNs route all of your web activity through a unique, secure, private network, they’re expensive and a hassle. It’s easier and cheaper to tether your laptop to your phone’s mobile hotspot. However, we’ve said it before and we’ll say it again, it will always be better to wait until you’re on a safe network to browse sensitive websites like your bank or social networks or email.
Nothing is ever so pressing that it’s worth risking giving cybercriminals access to your personal or company data on a public Wi-Fi connection—but if you must, these tips should help secure your data and privacy.
And if you absolutely can’t work at home or the office without the productivity-inducing noise of a coffee shop, consider using an app like Coffitivity or Noisli so you can stay on your secure home or work connection but still benefit from the dulcet tones of a coffee shop.
Download our Complete Security Awareness Program Plan & Strategy Guide for actionable guidance and strategy tips for creating and growing your security awareness program.