Just how safe is it to use financial applications such as QuickBooks Online, and Xero on public Wi-Fi?
At a recent meeting of bookkeepers and accountants, a couple of opinions suggested that the using public Wi-Fi connections to execute financial related work could be risk-free based on the security protocols existent on the host servers or sites (i.e https)
Some other experts within the IT sector suggest that it is unsafe to use public Wi-Fi for any sensitive work at all.
During the course of research and speaking to industry experts on the matter, a device known as a Pineapple MiFi was brought up. It’s mode of operation; Is activated to stand as an intermediary access point, which will capture and filter all data send from your connected device.
The description of this Pineapple Mifi goes thus “The leading rogue access point and WiFi pentest toolkit for close access operations. Passive and active attacks analyse vulnerable and misconfigured devices”
After further research, it turns out that even when trying to access a secured website, you must avoid using public Wi-Fi for all sensitive information as your information could very easily be captured by nefarious elements.
So what then is the best practice with regards to online security for accounting professionals?
As aforementioned, free Wi-Fi Hotspots are anything but secure.
Hence in a bid to curb the risks involved, here are a few suggestions.
Industry experts claim that encryption is the key towards keeping your information secure online, the question now is, how can you be sure that your information is encrypted?
For starters, never ever assume that a public network is encrypted. In truth, most public networks are not encrypted.
Secondly, always ensure to make use of secured websites which are designed to encrypt your information, hence ensuring that even though hackers get the information, it becomes completely useless to them.
These days, most websites are secured, you should be able to spot the secured website if you take a close look at the URL bar. There you should see “https” where “s” stands for secure.
Basically all you have to remember is that you should never use an unsecured network connection to get into an unsecured website. And even when your website is secured, there is still the risk that some hacker around your vicinity has a device like the Pineapple Mifi, snooping round for data.
If you must however make use of public Wi-Fi for sensitive work, then at least follow these guidelines.
• Only login or enter personal information on secure sites that use encryption.
• Don’t use the same UID/PW on multiple sites.
• Never email financial information, including credit card, Social Security, and credit card numbers, even if the network and website are secure.
• Don’t stay permanently signed into an account; always logout when you are done.
Other recommendations include:
Simply buy your own Mi-Fi to connect to the internet while outside. This affords you security but for a cost as it usually has a monthly subscription fee.
Alternatively, you can make use of tour laptop’s SIM card slot.
In truth, the best way to mitigate the risks of getting hacked is by simply using a personal internet device and visiting only secured websites. Thankfully the new WPA standard will make it even more difficult for hackers to break through your network and steal your information.