We’re very excited to have Martha Sperry join us as Solo Practice University’s newest monthly columnist. She will author Solo Tech. Her role will be to keep us updated on all the shiny gadgets out there and how they can improve your solo/small firm practice. She welcomes lots of questions in the comments so together we will make this column a highly valued resource for your practice!)
After some months of cogitating on the subject of technology news for solos, I am prepared to greet the New Year with a new outlet: a monthly technology column here in Solo Practice University. Some of you may be familiar with my technology writing at my main blog Advocate’s Studio, where I have focused over the last several years on technology, applications, tools and gadgets that might help one in one’s professional endeavors. I also have spent some time here at SPU teaching a course on Google applications and their use in practice. Needless to say, I really enjoy digging into shiny new stuff, especially when it makes my job easier.
This column will feature many of the same topics of interest that you would find over at the Studio, with a solo practice bent. The news that interests me is new hardware in the form of smartphones, tablets and other mobile friendly, always on devices, software that does the “thinking” for you, applications that work seamlessly across platforms and incorporate data from other apps – really, anything that makes you feel smarter and in full charge of your work and personal life. I also am interested in security – more on that later in this very post.
But, enough about me. What interests you? Please leave a comment or message me about questions you may have or topics you would like to discuss? It’s a win – win situation when you share – you get targeted information on your interests and your questions will send me on my way in new directions and will broaden my experience. Hopefully we can figure it all out together. The great thing about the subject of technology is that it is always evolving and moving forward. What was hot last year may not be hot this year. Or, what was hot last year may be completely different this year because the company has moved in a new direction with the product. There is always something to learn and possibly fit into your technology toolbox. Even your old favorites will iterate and modernize, so you and I will always have something new to talk about.
So, about that security. I will finish this introductory post with a short blurb about why you need to be careful about using public wifi. We have all been there – in an airport or coffee shop or hotel– with work to do and mobile device or laptop in hand. It is pretty common knowledge that you should be concerned about accessing those public wifi spots with any sensitive information you might not want to share.
Unlike your private business or home network, which is password protected and encrypted (I hope), public wifi is not. This means that people can pretty easily see what you are doing when you are on these unsecured networks. For example, they can snag emails, passwords, and unencrypted instant messages, and even hijack unsecured logins to popular websites. All they need is a wireless network analyzer on their device to grab the pages you are viewing and even spoof your email. Or the Android app DroidSheep, which will allow users to gain access to private accounts on services, such as Gmail, LinkedIn, Yahoo, and Facebook. It looks for and lists any unsecure logins to popular websites. While it doesn’t capture the passwords, it can exploit a vulnerability that allows you to open the site using another person’s current session, giving you full access to their account in the process. Nice.
So, what do you do? Here are some suggestions for Internet usage in public areas, with the caveat that there is always a risk there. First, always access web pages using the encrypted URL – many popular sites like Facebook and Google apps allow for encrypted usage. You know it’s encrypted when you see “https” at the start of the address in the bar. Make sure the site stays encrypted throughout your usage of it. Check your security settings on the site to ensure you are using the full security the site allows. Do the same with your email via web browser. Consider the HTTPS Everywhere extension for your laptop’s browser. When you first connect, make sure you select Public on your laptop when identifying the wifi network – this will give you a little more protection on your laptop. Keep your computer’s virus software up to date and make sure you use a firewall.
You can also use a VPN or virtual private network while browsing – this creates a secure environment in which you can work while using an unsecure network. For some decent VPN options, check out HotSpot Shield Free, Private Tunnel, OkayFreedom VPN, CyberGhost, and JustFreeVPN. While I haven’t used these particular VPN tools personally, they come highly recommended from trusted sources. On your Android device, if you use an OpenVPN network, you can install a third-party app. OpenVPN Connect, OpenVPN’s official app, which works on Android 4.0 and higher and does not require root. Android also has integrated support for PPTP and L2TP VPNs, with no need to install an app. Android 4.2 includes the option to enable always-on VPN mode. When this option is enabled, Android will never allow data to be sent except over the VPN. This can be useful if you are using public Wi-Fi and want to ensure your VPN is always used. You can set up a VPN on your iPhone or iPad in settings > general > VPN, if the VPN uses the protocols at this link.
Another consideration is that the wifi hotspot itself could be malicious – consider this when connecting to a public wifi in a questionable venue.
Keep in mind that there are vulnerabilities with private networks too – anyone who is in range can eavesdrop on the network, particularly if they can crack your password. You can enable WPA or WPA2 security that will encrypt wifi traffic and obscure communications. This is particularly key for small businesses that don’t use the enterprise (802.1X) mode of WPA or WPA2 security that can prevent user-to-user eavesdropping. Enable WPA or WPA2 and keep your passwords secure.
Well, that is it for this month. Looking forward to more tech talk. Please let me know what you think and what you might like to see. Always better when the conversation has more sides than one!