Most security issues associated with using a computer on a wireless network are the same as those when using a computer on the wired network. Therefore the basic security principles outlined in the IT security awareness program apply:
- use a strong password and don't share it with anyone
- enable the screen saver password and set the lockout session to ten minutes
- keep your virus protection software up to date
- keep your operating system up to date
- configure your software correctly
- disable all file sharing
- approach email attachments with care
- beware of uncertain web links
- turn your computer off when not in use
- monitor your network usage regularly
- do not leave your computer unattended
- consider installing a personal firewall
However there are a few added considerations with the use of a wireless network:
- apply wireless security updates as they become available. Windows XP computers should have the WPA2 (Wi-Fi Protected Access 2) upgrade installed to provide better security. This upgrade is available from the Microsoft support website.
- turn off ad hoc mode, if enabled, while travelling (i.e. enable 'infrastructure only' mode). This can help foil a number of attacks including:
To do this in Windows XP:
- fooling your computer into connecting to the wrong wireless network
- getting information when your computer broadcasts the name of all the networks it has seen or used
- connecting to your computer
- select Start>Control Panel
- double-click Network Connections
- right-click 'wireless network connection' and select Properties
- click the Wireless Networks tab
- click Advanced
- select 'Access point (infrastructure) networks only'
When using wireless networks outside Deakin, avoid performing sensitive transactions if you can. If you can't, perform them only with sites you've interacted with before, as you may not know what kind of security precautions they take.
If you have to connect to a website to obtain wireless access make sure the website is official. If it's not a 'secure web server', indicated by a lock icon in your browser window, don't enter sensitive information such as your password or bank account details.