Public Wi-Fi a threat to corporate networks: BAE Systems

Employees risk corporate networks when connecting to public Wi-Fi on their own devices

Public Wi-Fi is posing an increasing security risk as employees use their own devices to connect to corporate networks, according to BAE Systems.

BAE systems Applied Intelligence, telecoms sector director, Rajiv Shah, said when users accessed unencrypted networks, attackers could easily hijack the session and not only gather all sorts of sensitive information, including passwords, but also potentially inject malicious code to compromise the device.

"This makes everything on the device vulnerable – including any corporate data," he said.

"If an employee then connects a compromised device to the corporate network this can be a backdoor route to let a determined criminal mount an even wider-ranging attack. Companies need to consider appropriate security measures.”

BAE Systems Applied Intelligence suggests three steps for businesses to protect their corporate networks.

The first is to implement and enforce a strong security policy.

"Organisations should conduct a prioritised assessment of the risk that any mobile device, whether company owned or “BYOD”, represents and develop a clear policy explaining how employees should use devices and setting out the security measures to protect information," a company statement said.

The second is the educate employees.

"Businesses must educate employees about the risks of using their own devices and prioritising convenience over security," a company statement said.

"An obvious step would be education about the risks of using open, unencrypted Wi-Fi connections."

And thirdly, businesses should install a multi-layered security model that includes device configuration and management, appropriate secure connection methods, on-network content filtering solutions, and ongoing monitoring of corporate networks.

For example, an appropriately encrypted VPN service could be used on untrusted networks.

"This can be combined with a global, cloud-based security solution that can scan the content, source and destination address by using a specialised detection methods which block security threats and unacceptable content," a company statement said.