WHEN WIFI IS “FREE”, YOUR PERSONAL INFORMATION MAY BE THE COST
A Small and Medium Business (SMB) system detected multiple network compromises from remote employees, and an internal investigation found that those employees often connected their business smartphones and business laptops to “‘Free” WiFi commonly found in airports and coffee shops. In the most significant cases, these hotspots were determined to be malicious, and included ‘features’ such as malicious authentication portals that attempted to steal user credentials, typically while the user clicks a ‘Connect to WiFi’ button. In multiple cases, it was determined that these hotspots simply valued functionality over security, and end users were being targeted by other hotspot users (e.g. hackers sitting at the same airport) or Internet-based attackers who had gained external access to the hotspot network. Today, this customer has implemented a mandatory GoSilent travel policy, and remote users simply connect their GoSilent Client to the free WiFi. If there is a captive portal, the GoSilent Client will execute it directly on the GoSilent Client within a sandbox, and absolutely no user credentials or data communications can be leaked. The traveling user is seamlessly protected from all other devices on the network and does not have to rely on the network administrator properly configuring a ‘secure’ WiFi experience. Even better, remote users report satisfaction that they no longer must connect multiple different devices to WiFi portals, since their multiple devices are all connected to the GoSilent Client, authenticating the GoSilent to any WiFi instantly shares that connection with any laptops or mobile devices the user is carrying. Today the customer has amended its corporate policy to include GoSilent when traveling, and no new threats have since entered the customer’s network.