7 tips for working securely from wireless hotspots


Like last week’s posting, on 10 ways to work more securely, was a handy way of reminding your staff about common sense steps that they can take to keep their own personal PCs secure, as well as contributing to the organisation security you’re managing. Well, here’s another list in a similar vein, that you may want to promote to them in a similar way. This may be especially important if you have staff using their ‘Laptops for Teachers’ computers for surfing the web at home and while out and about. If they’ve got school data on the laptop, you want to ensure that data is as secure as possible – and the simple act of connecting to the free wireless connection at their local McDonalds could compromise it. So here’s the top 7 tips:



  • Choose more secure connections
    (And if they’re at home using a wireless broadband router, have you mandated that they must use a security key and encryption at home?)
  • Make sure your firewall is activated
  • Monitor you access points
  • Disable file and print sharing
  • Make your folders private
  • Encrypt your files
  • Consider completely removing sensitive data from your notebook PCs
    This may seem extreme, but consider the consequences of an unintended data security breach

The full article, with tips on how to enable some of these things, is on our At Work newsletter pages. Perhaps you could use the link to the Microsoft website to encourage your colleagues to follow good practice when it comes to laptop security.

Comments (2)

  1. MichaelDotNet says:

    A real good idea is to setup an SSH server to your home network and then use SSH dynamic port tunneling (puTTY works well for this) that way ALL your web traffic is encrypted over the wireless.  You can use the tunnel with any application that supports a proxy server (ie IM works as well)

  2. Wyatt Barnett says:

    On a similar vein, you could setup a home PPTP VPN server and then use a VPN to backhaul all traffic via home. Advantage over MicahelDotNet’s approach is that you are just using a different gateway, as opposed to using a proxy so it has less [read: no] compatibility issues.