S 2.389 Secure use of hotspots
Initiation responsibility: Head of IT, IT Security Officer
Implementation responsibility: User
Hotspots are areas with local wireless access whose coverage area may be limited to a room, a hall, or a production facility, for example. Usually, hotspots are set up specifically for use by external subscribers. They are used mainly to provide wireless access to the Internet. Hotspots are often found in hotels, airports, exhibition halls, train stations, and convention centres.
Hotspots should always be considered insecure networks because, on the one hand, it is difficult to assess from outside such a network what level of security it actually provides, and on the other hand because most hotspots offer their services in the form of shared networks. They generally permit every end device access to all other end devices in the network. If it is generally impossible to estimate the risk posed by a hotspot, then it is also possible to completely prohibit the use of hotspots in the WLAN security policy. In this case, though, it must also be ensured through technical means that a WLAN client cannot access such a hotspot.
The operators of hotspots can do a lot to ensure the security of the wireless access and other services they provide (see S 4.293 Secure operation of hotspots), but without the co-operation of the users, it is impossible to achieve a proper level of security. The following safeguards, among others, should be taken by the users:
- The users should ask which security precautions have been taken on the hotspot so they can estimate the security level of the network and the trustworthiness of the operator.
- Before using the network, the users should ask about the prices and how the services are billed. From the point of view of a consumer, it is interesting to know how much personal data needs to be disclosed and how this data will be handled. The users should also make sure that their authentication data is not stored on the hotspot and cannot be misused. Authentication should always be performed in encrypted form.
- Every user of a hotspot should be aware of his or her security requirements and decide whether and under what conditions it is acceptable to use the hotspot based on these requirements.
- Whenever financial, personal, or other sensitive data such as credit card numbers, PINs, passwords, or even e-mails need to be transmitted, it must be ensured that all necessary security safeguards are activated on the client, and in particular that encryption is enabled. Examples in this case would be the secure processing of e-mails over an HTTPS web interface and the secure Internet protocols (Secure POP, IMAPS, and SMTP with SSL/TLS) used for precisely this purpose.
- When the operator guarantees encryption is enabled for wireless access, then encryption may generally not be necessary any more at the application level. Encryption should still be enabled, though, as an additional security safeguard since this encryption is under the control of the user. Passwords in particular should never be sent over an external network without encryption.
- To access an internal network of an organisation, an encrypted connection for the WLAN client should be established over a trusted access point of the organisation.
- If a user is located in an area with a hotspot but does not want to use it, then the WLAN interface on the WLAN client should be disabled to prevent accidentally logging on to the hotspot.
- If the operator offers certificates for authentication on the hotspot, then the users should check the certificates to ensure they are correct. Even though it may be inconvenient, the plausibility of specifications such as the fingerprint, validity period, owner, and certifying body of the certificate should be checked.
- In general, additional local safeguards, such as access protection, user authentication, virus protection, personal firewall, restricted sharing of files and resources at operating system level, local encryption, etc., should be implemented on all mobile clients which are able to log on to different WLANs. Additional safeguards for a WLAN client can be found in safeguard S 4.297 Secure operation of WLAN components.
- When using hotspots, it is also recommended to create special user accounts with secure basic configurations and restricted rights. A user with administrator rights should never log on to an external network from his or her client.
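As an added example (not part of the BSI safeguard text), the following Python function carries out the certificate plausibility checks listed above for a hotspot portal: it takes the certificate in the dict layout returned by Python's ssl.SSLSocket.getpeercert() together with its DER bytes, and compares fingerprint, validity period, owner and certifying body against values the organisation fixed in advance. The portal host name, issuer name and the sample certificate fields are assumptions.

```python
import hashlib
import ssl
import time
# Added example, not BSI code: cert_info uses the dict layout returned by
# ssl.SSLSocket.getpeercert(); all sample values below are constructed.
def fingerprint_sha256(der_bytes):
    """Colon-separated SHA-256 fingerprint, the form operators usually publish."""
    digest = hashlib.sha256(der_bytes).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def _name_attr(rdn_sequence, key):
    """Pull one attribute (e.g. commonName) out of a getpeercert() name tuple."""
    for rdn in rdn_sequence:
        for attr_key, attr_value in rdn:
            if attr_key == key:
                return attr_value
    return None

def check_hotspot_certificate(der_bytes, cert_info, expected_host,
                              published_fingerprint, trusted_issuers, now=None):
    """Return a list of findings; an empty list means every check passed."""
    now = time.time() if now is None else now
    findings = []
    # Fingerprint: compare with the value the operator published out of band
    actual = fingerprint_sha256(der_bytes)
    if actual != published_fingerprint.upper():
        findings.append("fingerprint mismatch: got " + actual)
    # Validity period: not yet valid and already expired both fail
    not_before = ssl.cert_time_to_seconds(cert_info["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert_info["notAfter"])
    if not (not_before <= now <= not_after):
        findings.append("certificate is outside its validity period")
    # Owner: the portal's host name must appear in the SAN list or the CN
    san_hosts = {v for k, v in cert_info.get("subjectAltName", ()) if k == "DNS"}
    common_name = _name_attr(cert_info["subject"], "commonName")
    if expected_host not in san_hosts and expected_host != common_name:
        findings.append("certificate was not issued for " + expected_host)
    # Certifying body: only issuers the organisation has decided to trust
    issuer = _name_attr(cert_info["issuer"], "organizationName")
    if issuer not in trusted_issuers:
        findings.append("issuer %r is not a trusted certifying body" % issuer)
    return findings

# Constructed sample (not a real certificate): the bytes stand in for the DER
# certificate received in the TLS handshake with the portal.
SAMPLE_DER = b"constructed-der-bytes-for-demo"
SAMPLE_INFO = {"subject": ((("commonName", "portal.hotspot.example"),),),
               "issuer": ((("organizationName", "Example Trust CA"),),),
               "subjectAltName": (("DNS", "portal.hotspot.example"),),
               "notBefore": "Jan  1 00:00:00 2024 GMT", "notAfter": "Dec 31 23:59:59 2025 GMT"}
```

A non-empty findings list means the user should not authenticate on that hotspot; the published fingerprint must come from a channel other than the hotspot itself.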
Review questions:
- Use of an external hotspot: Do the algorithms and security procedures of the hotspot correspond to the current state of the art?
- Use of an external hotspot: Is transmission of sensitive data made exclusively using appropriate security safeguards and secure protocols?
- Is access to an internal network of the organisation only established over trusted access points and connections?
- Is the permitted access to hotspots defined in the security policy?
- Is the validity of the hotspot certificates checked during authentication?
- Are separate user accounts with secure basic configurations and restricted rights used for use on external hotspots?
- Is logging on to external hotspots with administrative user accounts prevented?