Learn how to stay secure when connecting to wireless networks — including what makes a network unsafe, how to protect yourself on public Wi-Fi, and when to use NCU's VPN.
Trusted vs. untrusted networks
Not all wireless networks carry the same risk. A network is trusted when you know who controls it and that it's properly secured — your home router, or NCU-Secure on campus. A network is untrusted when anyone can join it without authentication, you don't know who's managing it, or you have no way to verify it's the network it claims to be.
Coffee shops, airports, hotels, libraries, and conference venues all typically offer untrusted networks. The fact that a network requires a password doesn't make it trusted — if the password is posted on a sign or handed out freely, it provides no meaningful security.
What the risks actually are
Rogue access points
An attacker sets up a Wi-Fi hotspot with a convincing name — "Starbucks Free WiFi" or "Hotel_Guest" — and waits for devices to connect. Once you're on their network, they can intercept traffic, redirect you to fake login pages, and capture credentials. Your device may connect automatically if it matches a network name you've connected to before.
Man-in-the-middle attacks
On an open network, an attacker on the same network can position themselves between your device and the internet — silently reading, modifying, or injecting content into your traffic. This is most dangerous on unencrypted connections, but sophisticated attacks can target encrypted sessions too.
Best practices on any network
Follow these regardless of where you're connecting from
- Use the VPN on any network you don't control. This is the single most effective protection on public Wi-Fi. See the VPN section below.
- Verify the network name before connecting. Ask a staff member for the exact network name — don't assume the most prominent one is legitimate. Attackers intentionally name rogue networks to match or closely resemble the expected one.
- Turn off automatic Wi-Fi connection for public networks. Your device connecting automatically to a remembered network name is how rogue access point attacks work. Disable auto-join for any public or untrusted network.
- Keep your device's OS and apps updated. Many wireless attacks exploit known vulnerabilities that patches have already fixed. Staying current closes those doors.
- Use your phone's hotspot instead of public Wi-Fi when possible. A cellular connection is generally more secure than an unknown public Wi-Fi network, especially for sensitive work.
- Turn off Wi-Fi when you're not using it. A device not broadcasting a Wi-Fi radio can't be targeted by rogue access points or passive scanning.
Using the NCU VPN
Use the VPN whenever you're not on a network you control
NCU provides a VPN (Virtual Private Network) for faculty and staff. When connected, the VPN encrypts all of your network traffic and routes it through NCU's secure infrastructure — making it significantly harder for anyone on the same network to intercept what you're doing.
When you should use the VPN:
- Any public Wi-Fi — coffee shops, airports, hotels, conference venues
- Any network you didn't set up yourself
- When accessing NCU systems or sensitive data remotely
Contact the IT Service Desk at 612.343.4170 if you need help setting up or connecting to the VPN.
On-campus Wi-Fi
NCU-Secure
The primary network for faculty, staff, and students. Requires your NCU credentials. Use this for all university work.
NCU-Guest
For visitors and personal devices. Not appropriate for accessing NCU systems or sensitive data. Treat it as an untrusted network.
Eduroam
Available at participating institutions worldwide. Log in with your NCU credentials. Secure for university work when traveling to partner institutions.