Wireless Network
Using Wireless Networks best practice guide
Introduction
Wireless Networking can be very useful and convenient, but there are risks you should be aware of when using it. The aim of this document is to help you minimise those risks.
When using a wireless network you should assume that anything you are sending or receiving (e-mails, passwords, banking information) could potentially be read by others. You should therefore be very careful about what you do. In particular you should not use confidential usernames, passwords, credit card information, etc. This even applies to networks using encryption (such as WEP, WPA etc.) as these systems are breakable and can be fraudulently set up anywhere to catch sensitive or personal data.
Do not connect to any network described as "Ad Hoc".
Secure sites and services
Some web sites encrypt everything going in and out, even if the network you are using to connect to them isn't itself encrypted. This is usually the case with online payment facilities, online banking etc. The address of such sites will begin with https (note the s, for secure) rather than http. A padlock symbol will usually be displayed in your browser to indicate that the site is using encrption.
The university's e-mail system also uses encryption. This means that any e-mail sent through Outlook Express using your @lboro.ac.uk account will be secure. If you have other e-mail accounts you should be aware that these may not be secure.
Using secure sites and services over a wireless network has the same sort of risk as using them on any Internet connection.
Risk from other people
When using a mobile computer on a wireless network there is also a potential threat from the people around you. You should be careful not to let other people see you entering passwords, or let them see any private or confidential documents you may have open on your screen, e.g. while working on a train. There is a further risk from other computer users on the same wireless network hacking into your computer to cause damage, copy files or dump things to your computer such as viruses or other malicious software (known as malware). Staff Desktop PCs include the Windows Firewall which will give some protection from this, but it is not advisable to stay connected any longer than necessary so that you minimise the risk.
Security of data off-campus
You should look at the data you are using and determine its security requirements, e.g. is it confidential? Suitable controls should be applied as appropriate, e.g. lockable filing cabinets, and a clear desk policy. You also have obligations under the Data Protection Act www.lboro.ac.uk/admin/ar/policy/dpact/, in particular:
Data subjects (that is persons about whom [information relating to an identifiable living individual] is held) may also sue for compensation for damage and any associated distress suffered as a result of ... unauthorised disclosure of, or access obtained to, data...
Other risks for any equipment off-campus
There are some general risks applicable to taking equipment off-campus. The Staff Desktop best practice guide has some helpful suggestions at www.lboro.ac.uk/it/desktop/best-practice.html#offcampus.
Setting Wireless Off
If you have a wireless on / off switch on the front of your laptop, and neither wireless nor Bluetooth are being used, then this should be set to the Off position. [The switch sets off (or on) both Wireless and Bluetooth].
If you do not have a physical switch but do have an "Fn" key on the keyboard (between "Ctrl" and "Alt" to the left of the space bar), then Fn+F8 will allow you to set wireless off when it is not being used.
Note
IT Services does not support the use of third-party wireless network software such as Belkin and Linksys. Do not set up "Ad Hoc" networks.