Business Travelers Should Use Mobile Hotspots at Conferences, Hotels for More Secure Access
Hotel WiFis are also susceptible to being hacked like other public spaces. One strategy is to opt for the premium connection options which are more secure because they require credentials to access a network that is password protected, said Choudhury. Another more outdated option to ensure a more protected network is to use a personal Ethernet cable.
"Unlike public WiFi, others will not be able to easily tap into the network if you are using a physical cable connection," he said.
Using a VPN
Wireless connections are susceptible to being hacked, so choosing a virtual private network or VPN prevents sensitive information from being exposed.
"When you are using a WiFi network that you are not familiar with, VPNs play an important role in helping to ensure the security and safety of financial and other transactions," said Joram Borenstein, a vice president of marketing of NICE Actimize, a New York-based financial crimes software solutions provider.
Creating a VPN is simple, and there are free options for travelers such as the one offered by Tinfoil Security, a Mountain Valley, Calif.-based cybersecurity firm or Bucharest, Romania-based CyberGhost.
"Tinfoil actually makes it trivial to build your own private VPN in a matter of minutes and with just two to three clicks of a button," said Michael Borohovski, co-founder of Tinfoil Security. " We originally provided it as a public service to reporters during the Sochi Olympics since there were reports of traffic being snooped, but have kept it around since so many people used it."
While tethering your device to a cellular 4G hotspot is the best option because cellular connections are difficult to intercept and require expensive equipment, the next best option is to use a VPN, said Michael Gregg, COO of Superior Solutions, a Houston-based cybersecurity firm.
"Virtual private connections act to encrypt your traffic and make it very difficult for the attacker," he said.
Using a VPN will keep users "relatively safe, although it's important to realize that shenanigans are possible," said Alex McGeorge, head of threat intelligence at Immunity, a Miami Beach, Fla.-based offensive security firm. "There's no way to be 100% safe using a laptop on a business trip."
Another option is to bring your LTE-based router since cellular data is not as commonly attacked as WiFi and secure the connection with a VPN, he said. McGeorge recommends a third, more technical option to bring a Raspberry Pi/Arduino/ODROID device which will connect to the WiFi and only allows outbound traffic via the VPN.
"Then you physically connect your laptop to this device," he said. "This prevents your laptop from leaking non-encrypted data onto the WiFi network, but is going to be cumbersome when dealing with things live captive login portals."
As CEO of Comunicano, a Del Mar, Calif.-based marketing communications company, Andy Abramson has traveled an average of 200 days a year for the past 12 years and recommends obtaining a Boingo or iPass account. Another option is called FON and consists of a network of users who have FON WiFi routers and allow other FON users to log on for free with the heaviest concentration in Europe.
"For those who travel internationally, buying an unlocked and global frequency travel router is a very cost efficient way to stay connected," Abramson said.
While free public WiFi is now ubiquitous among retailers who offer the service to vie with their competitors, it is nt a secure platform, said Johnson Wu, vice president of products at Acalvio Technologies, a Santa Clara, Calif.- based provider of advanced threat detection and defense solutions.
"There is also the problem with rogue Wi-Fi hotspots equipped with all sorts of man-in-the-middle means of siphoning credentials," he said. "They are often found in sports venues and shopping malls, so whenever possible, use your phone as a hotspot."
Be wary of unsecured Bluetooth connections, since attackers like to "lurk on these networks or create bogus networks to entice victims to connect," said Thomas Fischer, principal security researcher at Digital Guardian, a Waltham, Mass.-based data protection firm.