A freelancer's guide to wireless security
This is a post from a member of the Freelancers Union community. If you’re interested in sharing your expertise, your story, or some advice you think will help a fellow freelancer out, feel free to send your blog post to us here.
Who else loves wi-fi? Whether you freelance from home or rove the world as a digital nomad, you can't beat it for convenience.
But how well can you stand up to hackers?
The importance of wireless security
Poor wireless security means the bad guys can spy on you and maybe even hijack your network. It can mean stolen passwords, stolen bank details, identity theft, ransomware, all your secrets revealed and your professional reputation in tatters.
And here's the thing: as a freelancer, you probably don't have a team of in-house IT professionals to fall back on. It's just you.
Good news: a few simple steps is all it takes to slash most of your risk. Let's jump right in.
Working from home means you've got your entire business running on your local network–and probably all your household traffic as well.
So how do you keep it safe?
Encrypt, encrypt, encrypt
Wireless networks broadcast signals into the surrounding air. So what's to stop anyone with an antenna from eavesdropping? Well.. nothing really.
That's why it's so important to encrypt these signals. You can't stop anyone from listening in, but you can stop them from making sense of it.
There are three wireless encryption protocols in widespread use: WEP, WPA and WPA2. You should avoid WEP and WPA. They are both outdated and riddled with security vulnerabilities.
WPA2 has been in use now since 2004. That means just about everything you'd want to use will support it.
Change the network name
Using the default network name makes it so much easier for an attacker to work out what router you're using. Then it's a cinch to look up all the known vulnerabilities on your device.
Imagine handing a jewel thief a map of your museum marking the contents of all the safes and the locations of all the security cameras and guard patrols. That's basically what this amounts to. Stop doing it. It's stupid.
While you're at it, don't use your own name, the name of your business, or anything else that could identify you. Something bizarre and wonderful is best. That makes it just that extra little bit more difficult to figure out which wireless signal is yours.
Here's the deal: people discover security holes in networking devices all the time. Last October, there was a huge vulnerability found in almost every wireless network on the planet. And countless problems have been found in specific devices.
Keeping your computers, phones, and tablets up to date is pretty easy–if they're set up to apply automatic updates, then you're covered.
The bit that most small business owners miss is the firmware on the router–it's kind of like the operating system for the device. You'll find the instructions for how to update it in the device's manual; google it if you've lost the physical copy.
On the road
Okay, so now you've secured your home wireless network. But what about using someone else's?
The bottom line is that you have no way to really know how seriously anyone else takes wireless security. It's very likely that the firmware in the router has never been updated. So assume the worst: that anyone could be watching at any time.
Part of the problem here is that all the wireless networking standards in widespread use today are designed so that anyone else on the same network can see what you're doing. Wireless encryption can shield what you're doing from outsiders, but it's no help against anyone on the same network.
Does this mean that nothing you do is ever secure?
A bit of paranoia can't hurt
In fact, dealing with all the finer points of this can be such a pain that, for short trips, it might just be less hassle to avoid public wi-fi completely.
You can instead connect your laptop to the internet with a 4G USB modem and prepaid SIM card, which can be had for a similar price to your last tank of gas. Your phone, of course, already has mobile data.
But what if that's not practical? Either because you're going somewhere where the mobile network sucks, or because you're traveling through multiple countries?
It's like this: when you visit a website address that starts with http, that means everything you do on this website is visible to everyone else on your network. That includes any passwords or credit card details you enter.
Websites with addresses that start with https encrypt their traffic. Make certain that any website you submit any information to is using the https protocol.
Here's one crucial website not to overlook: your own. If your website is on an unsecured http address, that means that every time you log in to the administration section, your username and password are visible to the whole network.
The login details to your own website are a dreadful thing to hand over to the bad guys
That's all they need to hijack your website to spread malware to your customers, add links to Viagra websites or just hold you to ransom–there's so much scope to screw with your livelihood here. So if you absolutely can't avoid logging in to your website using public wifi, it's time to migrate to https.
Using the https protocol is not 100% private–the whole network can still see which websites you are visiting. But it keeps your usernames, passwords, credit card details, and private messages secure, and that's pretty great.
Stop reusing passwords
Once you start paying attention to which websites have https installed, you'll notice that it's not Facebook and Gmail that skip encryption.
The websites that handle unencrypted usernames and passwords tend to be more along the lines of privately owned internet forums and social sharing websites. While it's definitely a pain to get these accounts get hacked, it's not the end of the world.
But what if they can take those exact same login details and get into your PayPal account? Well, that's a larger problem.
Not reusing passwords is good sense anyway. If you're out there using public wi-fi, it's crucial.
Remembering so many unique passwords is, of course, impossible. This is where using a password manager can make your life way easier.
It's not just your web browsing you need to protect. You hardly want prying eyes reading your emails or hijacking your email account.
You can rely on the most popular webmail apps–like Gmail or Outlook–to encrypt their traffic.
But if you use an old-school email client that downloads emails to your computer, check the settings to make certain that it connects to your email provider using an encrypted SSL/TLS connection.
If the connection is unencrypted, that means your username and password are visible to everyone on the network. That's all anyone needs to hijack your email account.
Do you use FTP to upload files to your website? Bad news: FTP transmits your username and password in plain text, visible to the whole network. That means the bad guys can upload whatever they want to your website.
Using a VPN
If you're a real road warrior, you might want to consider a virtual private network, or VPN.
A VPN sends all your internet traffic through an encrypted connection to a remote server–that makes it perfect for shielding you from prying eyes on a public wireless network.
Some home routers can even be configured to work as a VPN server–this gives you a free service that you can trust. But if your router's in Peoria and you're in Paris and you suddenly need to switch it off and on again, it can be tough to hook that up.
New tech will make this easier (one day)
Does this all sound like a total pain in the backside? Well... it kinda is. But new wireless standards will make it easier to connect to wireless networks safely.
Just last January, the Wi-Fi Alliance announced a new wireless encryption standard to replace WPA2, imaginatively titled WPA3. You will start seeing this in devices later this year.
One of the benefits of WPA3 is that it can offer individual encryption for each person on the network. This will make secure wireless networking much more painless for freelancers who rely on public wi-fi.
In theory, there's nothing to stop every hotel and cafe owner from buying a WPA3 router the moment they hit the shelves. But in the real world, few small business owners are that engaged with wireless security.
Dedicated coworking spaces will hopefully move to WPA3 not long after new routers are available. But it will be a few years yet before you can assume it's in every cafe from Bangkok to Boston.
Using wireless networks without thinking about security is a bit like driving an uninsured car: Most of the time, you'll probably get away with it. But when your luck runs out, it can be so devastating that it's just not worth the risk.
It's one of those situations where going to a little bit of trouble right now can save you from a hell of a lot of trouble down the track.
For more on small business computer networking, check out the Small Business Owner's Guide to Computer Networks.
James Mawson is a freelance content marketer turned technology entrepreneur. By night, he cooks Chinese food and plays retro video games (poorly). By day, he is a co-founder of DXM Tech Support, an IT services team based in Melbourne, Australia.