Whether you're home or on the road, these security steps will help protect you and your computer from wireless scoundrels.
As more people use laptops for their primary work PCs, the chances for being compromised because of wireless miscreants loom large. Here are 10 how-to tips to protect yourself and make the best use of a wireless network, whether you are at home, at work, or in between.
Avoid peer-to-peer connections, like the Linksys one in this example.
1. Make sure you are connecting to the right network.
Although this sounds sort of obvious, I've noticed in my travels that there are lots of unscrupulous people who purposely name their wireless connection "Linksys," or some other common vendor's name, in hopes of getting someone who is less than careful to connect to them. The security industry calls these sorts of conditions "evil twins."
The issue here is that your laptop is set up to automatically connect to a particular access point's Service Set Identifier (SSID) -- so someone who uses a common name can grab a bunch of users who aren't wary. There are also tools (such as AirJack) that an attacker can use to disconnect users from the right access point and have them then connect to his rogue network. (More information about this exploit is available from Nomad Mobile Research Centre.)
When you are out on the road, look carefully at the screen that shows the available network connections, and particularly at the different icons next to the connections. The icon that looks like a light beacon indicates an access point, while the one showing two computers with connecting lines indicates a peer-to-peer connection. These peer-to-peer connections are the ones to avoid. There is also a padlock icon that indicates whether or not an access point is running encryption protocols. In the screen shot above (we use Windows XP for our examples), the "wireless" network is an access point running encryption, while we have mistakenly connected to another computer called "Linksys."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.