Mobile Broadband Security Guide
Mobile broadband is an essential part of modern business life. The ability to access the Internet from anywhere, though, has brought with it some security issues to consider. The countermeasures you can take depend on what kind of mobile broadband you are using – whether 3G/4G or Wi-Fi. We discuss the security implications of each method of mobile broadband.
Mobile broadband is a convenient, easy and fast method of accessing the Internet while you are out and about. But is it secure? The answer depends on the type of mobile broadband connection you are using.
There are two major types of mobile broadband to consider, Wi-Fi (wireless networks like those used at home) or mobile broadband over a mobile phone network. If the mobile broadband is through a Wi-Fi connection (Wireless), there are significant security risks that you will need to counteract by following some security rules.
If, on the other hand, you have a 3G or 4G mobile broadband connection (usually via a USB dongle from your service provider), you actually don’t need to worry about wireless security all that much, as they are inherently extremely secure. An example of a typical 3G/4G prepaid USB stick is the Virgin Mobile Broadband prepaid USB dongle below.
So, let’s consider again the two major options for mobile broadband and discuss the security implications of each.
3G/4G Mobile Broadband
Mobile broadband delivered over a mobile phone network (such as Sprint or Verizon) and delivered via USB sticks like the one above is inherently one of the most secure and safe ways to access the Internet. Why? Because when you are using a mobile broadband connection over a phone network, you automatically employ the mobile provider’s built-in encryption when sending and receiving data. This makes it virtually impossible for would-be hackers or thieves to ‘sniff’ your connection and try to connect to it, like they could with a traditional Wi-Fi connection. It’s like having a highly secure WEP or WPA key built into your connection.
3G/4G mobile broadband also gives you a Private IP address, which essentially means your connection sits behind the broadband provider’s firewall, giving you an additional layer of security.
Security experts around the world generally agree that 3G/4G mobile broadband is by far the most secure option when looking at mobile broadband. At a recent Gartner Security Summit in Sydney, Australia, senior security analyst Robin Simpson revealed that unlike Wi-Fi security, which is relatively easy to hack, a 3G/4G connection is considerably more challenging: “It’s a completely different proposition to hack into a cellular session than a Wi-Fi session. We think that dongles and built-in 3G are a tremendous security option.”
The one tangible thing you can do to help improve security (if you absolutely need your data to be secure) is to install a software firewall on your mobile device (laptop, tablet, phone etc). A software firewall will monitor all of the ports on your device and ensure an intruder is not able to access your device via one of those ports.
The number one security risk when using a 3G/4G mobile broadband USB dongle is losing the device, particularly your laptop or mobile device you are using to access the Internet. If you lose your USB dongle or, even worse, your laptop/tablet, make sure you contact your mobile broadband provider immediately and ask them to cancel or suspend the account, just as you would if you lost your mobile phone or credit card.
With this tip in mind, also make sure that you don’t store private or secure data on your mobile device unnecessarily. The more secure information you store on your device, the more you have to lose if it gets lost or stolen. Try and make sure any critically sensitive or confidential information stored on your laptop, cell phone, and other mobile devices really needs to be there.
But other than that obvious and basic tip, there really aren’t any more practical security tips if you’re using a 3G or 4G network – the nature of the technology means that the security is mostly handled for you.
Wi-Fi (Wireless) Broadband
Wi-Fi mobile broadband is the kind you’d normally use at home – where you use an external or internal Wi-Fi device that connects to a wireless modem to receive the radio waves containing your data. You can use Wi-Fi on the go, so to speak, but it will be a lot harder, because Wi-Fi signals have an extremely limited range so you’ll need to find ‘wireless hot spots’, areas that are transmitting a wireless Internet signal, in order to connect. These are often found at places like restaurants, cafes, airports, and major shopping centres.
Contrary to 3G/4G mobile broadband, if you are using a Wi-Fi connection for mobile broadband, you will need to be proactive and thorough in securing your connection, as it is vulnerable to hackers and intrusion by outside parties unless sufficiently protected.
Some important steps you can take to help secure your Wi-Fi connection are as follows:
- Always use WPA2 or WPA, never WEP
- Use a strong password/network key
- Don’t broadcast your SSID (network identifier)
- Change your wireless modem password
- Use a firewall
WPA (Wi-Fi Protected Access) or the newer WPA2 is the preferred wireless encryption standard for Wi-Fi connections. Most newer devices will use WPA2 as the default encryption level, but it’s best to make sure and double check what encryption method your device is using. If your modem/router does not provide WPA or WPA2 encryption it is recommended that a new device be purchased.
WEP (Wired Equivalency Privacy) is a deprecated form of encryption and should not be used, as it is relatively easy to crack.
It might seem trivial, but having a strong password on your wireless network is one of the most important things you can do to prevent hackers from gaining access to your data. Hackers often use ‘brute force’ techniques – a form of automated password guessing based on cycling through dictionary words – which means it’s advisable to pick a password that’s not based on a dictionary word, at least 8 characters in length, and interspersed with numbers and/or upper case characters. The more characters in your password, the more resilient it will be to compromise.
See our other article, The Importance of a Strong Password Policy for more information on why a strong password is so critically important.
Most wireless modems and routers automatically and continually broadcast the wireless network name (or SSID – Service Set IDentifier). When you scan for available wireless networks on your machine, you’ll often see a list of nearby wireless networks. This is because they are all broadcasting their SSID.
To minimise the potential for hackers to detect your network and attempt to break in, you should disable broadcasting of your SSID. You’ll then have to connect manually by typing the network name (set on the router).
This won’t protect you against dedicated ‘sniffer’ devices, which will still be able to detect the radio signal being broadcast but still offer an additional layer of security against would-be intruders.
If someone is in range of your wireless modem, they can often access the firmware on it directly by simply guessing the default password. Out of the box, most wireless modems come with default passwords such as ‘admin’ or ‘administrator’, making them incredibly easy to access. Change your wireless modem’s default password as soon as you get it.
Almost all newer wireless modems and routers come with an inbuilt firewall. Always make sure this is activated. A firewall can prevent unauthorised people accessing your network, can control which programs inside the network access the internet and should be enabled by default.