Motorola WS5100 - Wireless Switch - Security Appliance White Paper page 3

2. Turn off fi le sharing, too. Again, Microsoft
Windows is a friendly program. It's set by
default to enable its users to share fi les with
strangers. You'll want employees to turn that
feature off before they hit the road. On the
Start menu, select Settings and then
Network Connections. Find the Internet
connection and right-click to select Properties.
Under the General tab, you'll likely see a check
mark next to File and Printer Sharing for
Microsoft Networks. Uncheck it!
3. Encrypt any folder that contains sensitive
data. Securing that data that resides on a
device is a safety issue any time that device
leaves the offi ce — hotspot or not. Employees
may be lax about encrypting the contents of
their computers, but they need to know that
sensitive data means more than fi nancial
information and social security numbers.
Explain that "sensitive data" includes that folder
in which they store all their network passwords,
in giant font on a Microsoft Word document,
for all the world to see. (Odds are good
that they have created such a thing.)
Although labeled as an "advanced" function in
Windows, encrypting a folder is pretty easy.
Right-click on that folder to select Properties.
Under the General tab, click Advanced, and
then click Encrypt contents to secure data.
Employees should also make sure nobody's
looking over their shoulders at hotspots.
Thieves can steal passwords just by watching
someone type those passwords.
4. Use a VPN! A virtual private network creates a
tunnel between the employee's computer
and the corporate network. Your corporation
probably has a policy requiring the use of VPN
software for remote access to the corporate
server. If such a policy doesn't exist, it should.
A VPN virtually guarantees that nobody can
intercept sensitive information on your
company's server. Most commercial hotspot
providers support VPNs. Public libraries often
do not. (Make sure employees have VPN clients
installed on their notebooks before they hit the
road. Nothing garners an angry phone call to the
IT department like a VPN client that doesn't
work!)
3 WHITE PAPER: A Manager's Guide To Wireless Hotspots — How To Take Advantage Of Them While Protecting The Security Of Your Corporate Network
5. Run a fi rewall. With a wireless hotspot, a
group of strangers are sharing the same IP
subnet Odds are that most of these strangers
have no ill intentions, but they might
unknowingly have malware or viruses on their
computers. Thus, they might unknowingly infect
the computers of those around them. Installing
(and running) fi rewall software will help to
prevent successful attacks from both on and off
the subnet. A fi rewall should block attacks and
send an alert when it detects any unwanted
attempts to connect to your employee's
computer. Microsoft Windows XP comes with
a fi rewall, but it's up to the user to turn it on.
6. Run antivirus software. Should a virus get
through, antivirus software will detect and
thwart it - provided the software recognizes the
virus. New viruses are created daily. For that
reason, most antivirus software companies
provide frequent updates to their software.
It's up to the user to go to the vendor's Web
site to obtain the updates. This should be done
at least once a week.
7. Keep the computer up to date with the latest
operating system patches. Microsoft regularly
sends out patches to fi x problems — including
security problems — in the Windows operating
system. The system alerts users to new patches
with a little explanation point in the right-hand
corner of the screen. Installing these patches is
generally a matter of just clicking on that
exclamation point.
8. Make sure the device is connecting to the
correct network. Employees using a hotspot
should make sure that their notebooks or
handheld computers actually are actually
connecting to the hotspot — and not to
some other Wi-Fi network. In urban areas,
chances are good that there are several
wireless networks within range. Some of
these may be from nearby apartment buildings
— residential networks that their owners
didn't bother to secure. And some of them may
be malicious rogues that are set up to steal
private data. Tell your employees to be careful to
choose the correct SSID from the list of
available net works when signing on to a
public hotspot. "Fluffykitty123" most likely isn't
the commercial hotspot provider. A network