Nowadays, teleworking or following a hybrid work model has become commonplace. The question we need to ask ourselves is, is our remote connection secure? The National Security Agency (NSA) in the United States has published a best practices info sheet for government workers and contractors working in areas related to national security and defense. The info sheet supplies advice on how to avoid cyber attacks due to a compromised or unsecured wireless connection.
The dangerous weakness of public WiFi
Public networks are always the weakest link in the chain and hackers know this. Hacking into a WiFi connection is very simple and doing so can give cyber criminals access, in the worst-case scenario, to corporate servers where they can inject malware. Moreover, a wireless connection breach is very expensive: TJ Maxx quantified the cost for a corporation of a single security breach at $1 billion.
Given the sensitive nature of the information handled by the NSA, the NSA provides a list of do’s and don’ts to follow for remote connections:
- First, avoid, if possible, connecting to an unreliable WiFi network and, failing that, use a corporate access hotspot with a strong encrypted connection. But if there is no alternative, protect the connection as outlined below.
- Use a trusted VPN connection that encrypts data transmission. The agency points out that public WiFi connections are not usually encrypted and, in some cases, do not even require an access password. Some hackers create malicious wireless networks as bait, which emulate existing ones and use them to access the connected device.
- The NSA also recommends only connecting to websites that use the HTTPS protocol.
- Finally, the agency recommends disabling Bluetooth in public places as there are too many risks involved.
In addition to the complexity of achieving a secure remote connection, there is the challenge of using many security solution providers, which is a huge obstacle to effective security service management. Currently, 96% of MSPs surveyed by Pulse and WatchGuard are consolidating vendors to IT products and services or planning to start the process in 2021/2022 to help this situation.
New WiFi 6 access points now in…