Body
Overview
Wireless networks are convenient, but they are also inherently unsecure; therefore, it is your responsibility as a user to exercise caution when connecting wirelessly. First, before using any wireless network, be sure that your operating system patches and firewall software are up to date. Disabling file and printer sharing while you are using a wireless connection will also decrease the vulnerability of your machine. For maximum security, never join an untrusted wireless network.
What Is an Untrusted Network?
Before logging on to a wireless network, ask yourself these questions:
- Do I personally know and trust the owner of this network?
- Is this network restricted in some way so that anyone using it can be identified and/or removed if that person does something illicit?
If the answer to either of those questions is "No," you are about to use an untrusted network. To use an untrusted network for banking, buying products, or sending private information is the equivalent of standing in the middle of a public space and loudly reciting your account number, credit card number, or other personal information into a cell phone: Sure, it's possible that nobody will steal your information, but why take that risk?
What Can I Do to Ensure Security?
The safest way to use the Internet is to connect via a secure wire and use secure websites; however, if you want to use a wireless network you can follow the steps outlined below to maximize your computer's security:
- Use the Virtual Private Network (VPN) to connect when using a wireless network other than the University's.
- Never save passwords in your browser.
- Wireless networks are extremely vulnerable to "sniffing," meaning it's possible for someone to attach themselves to a wireless network and record all traffic that's going by without even logging on to the network in question (this is also a concern with wired connections, but the danger is worse with wireless). Accordingly, whether you are using a trusted or untrusted wireless network, you should always check the URL of any website you visit that involves personal information (banking sites, email, etc).
- If the URL begins with http://, the connection is not encrypted and is easy to sniff.
- If the URL begins with https://, the connection is encrypted and, while it can be sniffed, it's much harder to sniff anything useful out of it.
- Look for the lock icon in the bottom status bar or the URL field of your browser if you are unsure if the connection is encrypted. By clicking or double-clicking on the lock icon, you should see a window detailing the type of encryption used by the site.
- Turn off your wireless network when you're not using it. If you're not surfing the Internet or sending email, but still using your computer in an area where there is a public wireless network, disable your wireless connection.