The safest network to use for your information security will never be a public one, however, it’s understandable that we all need to log into public Wi-Fi sometimes – whether it’s to pass time at the airport or to hop on your laptop at your favourite local cafe. When you can, always log into a private Wi-Fi network over a public one, but for circumstances like those above when a private network isn’t available and you don’t want to use cellular data via hotspotting, we’re going to give you the low-down on how to better protect your personal data.
The main reason public Wi-Fi has more security risks than private networks is to do with its lack of encryption, which changes what you write into code so it cannot be read by others. When you’re browsing online via public Wi-Fi and log into a website that does not use encryption, you’re opening up the possibility that other users can see the things you view and the information you enter online – yep, like credit card details or ID! The rise of remote work and shopping online since 2020 has opened up more opportunities for hackers to infiltrate your personal data, with 40% of Australians regularly working from home in 2021 - a trend that is persisting into 2022. One 2021 study found that 73% of Australian organisations with remote workers were specifically targeted. Let’s look at the ways you can keep your data safe when using public Wi-Fi.
If you’re using a laptop (or a browser on your phone or iPad) and it’s unavoidable that you log into a website, ensure you can see the padlock icon on the left-hand side of the website URL in your address bar. This will mean your visit to that site will be encrypted. The website URL should always begin with https, no matter what page on the site you’re on. If one of the website’s pages does not begin with https, your information is no longer encrypted. Some websites are sneaky and will only use encryption on the initial login page, offering a false sense of security, so it’s important to keep an eye on this as you navigate from page to page.
While it can be a time-saver to stay logged into accounts online, if you’re using public Wi-Fi on your device, this can jeopardise your security. As a compromise, consider using an encrypted Password Manager like LastPass, which will safely store your passwords and auto-change them (if you set it to do so). This is a handy tool, since you should change your password every three months and have a unique password for every website you sign into. Also remember to clean out your email inbox/s regularly, either deleting or archiving your emails. This is important because hackers may try and steal sensitive information stored within emails.
Check your device settings to make sure that it doesn’t automatically connect to a nearby, available Wi-Fi network, as this can happen without you realising. You should be able to do this on your phone through the Wi-Fi preferences settings. You can also make your device more secure by making sure it’s up to date, and even installing browser add-ons and plug-ins – but don’t use these as a failsafe, they are just an extra layer of protection. HTTPS Everywhere is a free extension that encrypts your communication with major websites so you can browse more securely. It also features on the Brave browser for iOS and Android, which has been hailed as the safest browser for phones and blocks pop-ups, trackers, and ads. Brave can be downloaded in the App Store for Apple devices and Google Play for Android devices.
Lots of us will be guilty of ignoring a warning that our connection is not private and scrolling to the bottom to click ‘proceed’. It may seem harmless, but when this message pops up, it means the website, despite using https, has an expired or invalid security certificate. If a website does not use https protocol at all, many browsers will alert you. If you’re a Chrome user, you should get a security message and notice a ‘not secure’ icon appearing in the top left side of your screen in the address bar. This means the site is using plain http protocol, which is not encrypted. If you need to visit a http site, never enter any personal details while you’re there. The website may be secure, but the communication between your browser and the website is not.
Some sage advice is to assume a public Wi-Fi network isn’t secure, and not to access your personal or financial information when you’re using one. When you need to get online on your laptop and aren’t at home or work, a great alternative is to hotspot from your phone. A few years ago, this may have been a less feasible alternative, but with better 4-and-5G coverage today and telcos offering much more generous data plans, it’s now a more viable option.
Now you’ve got some tools to be able to use public Wi-Fi more safely, if you have to. Remember, prevention is always better than cure. If you can, always use a private Wi-Fi network or tether your phone to ensure safe, secure browsing online.