Staying Secure at 30,000 Feet - Part Two

March 6, 2018

 

In the first part of this blog, we reviewed how vulnerable you can be while traveling and on a public Wi-Fi network. So how are some ways you can secure and protect your data and credentials while traveling?  Here are a few ways:

1 – You could not use them.  This is the safest, but not always a practical way.  On a six hour plus flight, I could decide not to use the Wi-Fi. Let’s be real, I will definitely be using the Wi-Fi.  

However, on shorter flights or when you don't have pressing or urgent matters to attend to online, switch the Wi-Fi off entirely and resist the temptation to log-in.

2 - Use them, but also use a VPN.  If your company uses a VPN service, you may be able to set it up on your devices.  If they don't, there are many personal VPN services available at reasonable rates.  

What does a VPN do? VPN systems isolate your traffic from everything else on your immediate network by creating an encrypted link between you and the VPN's endpoint (which is way beyond the Wi-Fi hotspot). So if someone is "listening in," all they will see is a stream of unusable data.  You should note, a lot of airline Wi-Fi providers are beginning to block VPN connections.  The reason is these Wi-Fi systems block the ability of users to access high-bandwidth sites like YouTube, Amazon Video, HBO Go, etc.  Usage of those sites severely impacts the overall stability of the Wi-Fi for everyone on the plane or train, so blocking them is often necessary.  

3 - Common-sense precautions. Take some steps before and during your trip to protect yourself. First, sign up for your in-flight Wi-Fi service on the ground.  Both Boingo and GoGo allow you to create an account prior to your flight. This step allows you not to put in your credit card details on the same Wi-Fi with 300 of your "friends."

Next, avoid visiting any sites you don't need to. Unless it's a dire emergency, your online banking can wait until after you land.  Finally, visit websites and only use applications with encryption where the web address starting with “https://” showing a secure connection.  Most common email providers (Gmail, Office 365 and Exchange Server, etc.) do this automatically. These methods are not fool-proof and cannot promise the best security, but they are better than nothing.  Don't forget to check messaging and other apps and sites too!

4 - Use Multi-Factor Authentication (MFA). This is the extra step during log-in where you need to provide a one-time password before you can actually log-in.  

An important thing to remember prior to taking off is if the one-time password is delivered via text message, you're out of luck as airlines prohibit the use of voice services (which are required for OTP delivery by SMS text message).  The solution?  Rely on platforms that also allow authentication via an authentication app (e.g. SecureAuth Authenticator if you’re logging into your company).  Having your company use a flexible and adaptive identity authentication solution like SecureAuth, will simplify the entire process.

When you connect to an airplane or train Wi-Fi, you are sharing the connection with everyone you around you.  Any non-encrypted traffic, usernames, passwords, and data is sent unencrypted and can be read by any of those people.  Use a VPN, limit what sites you visit and apps you use, prefer sites and apps that require non-SMS MFA and have an adaptive authentication solution for your organization to protect the misuse of credentials.  These steps will go a long way to making sure no prying eyes are looking at everything you're doing online at 30,000 feet.

Request a demo and see how SecureAuth prevents the misuse of credentials.

  • Technology

Ready for a Demo?

Eliminate identity-related breaches with SecureAuth!