WiFi & Security

Like many public libraries, PLCMC has been adding public access wireless networks to our long list of user services. In fact, just this last week WB became our newest location to offer WiFi.

Anyway, as we continue to expand this service system-wide, I'm beginning to field some questions about wireless and security. Like most public facilities and businesses, our implementation of wifi is unsecured* to help make access as easy as possible. What this means is that the information that is transmitted between your laptop (or wireless device) and the wireless access point is not encrypted** so that anyone with right eavesdropping software might be able to capture your data and listen in. So with all this being said, why don't public wireless hotspots offer better security? The answer lies in the concept of "public." To make a wireless network more secure involves configuring passwords and locking down the connection which therefore removes "easy access" from the notion of a public network.

However even on open access wifi networks, there are still some things you can do to safeguard yourself. Here's a list from JiWire's Complete Guide to Wi-Fi Security - an excellent, easy read, even for the techno-impaired :)

Top 10 Security Tips for Public Hotspots:

  1. Make sure you're connected to a legitimate access point.
  2. Encrypt files before transferring or emailing them.
  3. Use a virtual private network (VPN).
  4. Use a personal firewall.
  5. Use anti-virus software.
  6. Update your operating system regularly.
  7. Be aware of people around you.
  8. Use Web-based email that employs secure http (https).
  9. Turn off file sharing.
  10. Password-protect your computer and important files.

* Optional WEP key is avialable, but key is public.

** Sites that are secured through SSL (secure socket layer) protect your data while it's being transmitted on both wired and wireless networks. These sites typically display the padlock key and have a URL that begins with "https"

Related links: PLCMC's Wireless Network Access Policy

No comments: