Hot Spots: Dont Get Burned

eWEEK Labs advises how not to get burned when using public wireless access points.

Convenience, low cost and increased productivity are driving users to wireless hot spots: Armed with little more than a laptop, an inexpensive wireless card and perhaps a credit card to access fee-based hot spots, users can jump onto a wireless hot spot and gain access to e-mail and other corporate resources.

Public WLAN Best Practices

As the availability of high-speed Internet access via wireless hot spots increases, IT managers can work to protect corporate data and mitigate risks with the following policies.

  • Use a personal firewall and anti-virus software.
  • Use a secure transport (such as IP Security, Secure Sockets Layer or Secure Shell).
  • Disable wireless cards when not in use.
  • Update and enable security software and operating system patches.
  • Do not reuse passwords for sensitive systems.
  • Set up secure Web browsing and instant messaging using an IPSec tunnel.

Source: @Stake Inc.

Wireless hot spots take Internet access to places it couldnt easily go in the past. But as any IT manager will attest, public wireless hot spots combined with 802.11 ubiquity (sanctioned or not) is a source of concern—mainly with security.

Still, IT managers and wireless LAN experts say many of the dangers inherent in wireless hot spots are the same as those encountered when accessing corporate data beyond the firewall. And, they say, the productivity gains of anytime, anywhere Internet access far outweigh the potential disadvantages.

"The huge number of hot spots that are starting to come online will really change the ways we think of and use the Internet," said Keith Waryas, an analyst at International Data Corp., in a report released last year. "Very high-speed access, combined with the portability and mobility these new networks enable, will make the next few years a very exciting time for both business and consumer Internet users."

To stay ahead of trouble, IT managers need to take a proactive approach to hot spots: They should teach users how to securely access corporate resources and should develop and enforce hot-spot policies that are in line with those in place for remote access. A number of services designed to ease access are also coming online (see review).