Working Nomad
Safe Surfing at the local Wi-Fi coffeehouse
One of the great delights of the extreme telecommuter is the ability to work from anywhere. Traveling for a month? No problem. Just plug into your hotel's Wi-Fi, or go down to your local coffeeshop and use theirs. You can spend a couple hours guzzling cappuccino, people-watching, and working on that proposal that's due tomorrow.

The only problem with that scenario, as trendy as it sounds, is that Wi-Fi was never built for security. Chances are, most people in the coffeehouse are there for the same reason you are, but there is nonetheless a riskā€”and you should adhere to the basic IT security premise of "trust no one". Chances are, if you're an extreme telecommuter, you're under various NDAs and may be working on confidential projects. The companies you contract with no doubt have rigid security protocols in-house, but are probably neglecting to consider people like you. If your client's IT department is on the ball, they will have set up a secure VPN (virtual private network) with two-factor authentication for you to connect to their network, but it's just as likely that you're on your own in maintaining a secure mobile environment.

The risks of working on a public Wi-Fi hotspot are enormous. Besides the obvious risk of somebody shoulder-surfing, it's also remarkably easy for anybody in the same area to log into your computer and see your files, or even to snoop the unencrypted emails you are sending in the clear. In fact, it is possible to have a more secure Wi-Fi spot, but most places that offer Wi-Fi are doing so just as a courtesy, and don't pay much attention to security. Those that do will give you an encryption key to log on with; otherwise it's up to you to practice safe mobile computing.

The first and most obvious method to stay safe in the coffeehouse is to not use the coffeehouse Wi-Fi. Subscribe to a cellular data network instead, it's a lot more likely to have built-in security. But it's hard to resist, and there may be places where your cellular data network isn't available. Fortunately, there are still precautions you can take. First of all, be aware of SSL (Secure Sockets Layer), which is a simple type of protection offered by most e-commerce sites. If the prefix is "https" instead of "http", you are using SSL. There's nothing you need to do, and your passwords and other information will be encrypted. If you are on a web site that asks you to transmit sensitive information, but it's over a standard "http" link, don't do it.

Another simple technique is to minimize time spent online. Even if data is being sent in the clear, you can minimize the amount of time that you are vulnerable. Work offline as much as possible. Compose your emails offline as well, and then just connect long enough to transmit, then log back off. While you are online, you may still be vulnerable, but the window of time you are open is less, and there will be less opportunity for attackers to snoop.

You can also take a few basic precautions on your notebook, like disabling file sharing. Lastly, just be aware of your surroundings and of the Wi-Fi network. When you log on, you will see a network name. The coffeehouse will probably have login instructions posted somewhere with this name shown. If not, you can ask somebody behind the counter. The reason you need to be aware of the login name is the risk of the "network double" scam. This occurs when somebody with ill intent sets up a hotspot nearby, and creates a login name that is similar to that of the coffeehouse, hoping that somebody will mistakenly log into their hotspot rather than the legitimate coffeehouse hotspot, thereby giving them direct and easy access to all of your passwords and information.

The proliferation of Wi-Fi hotspots at hotels, coffeehouses, restaurants, libraries and other public places presents a great convenience for the extreme telecommuter, and if used wisely, can be one more tool to help keep you out of the cubicle.