Security Awareness - Wireless Security

Last Updated: 02/13/2014

Overview

Are you sharing your most personal information with everyone?

Wireless is a shared medium that is broadcast via radio waves. This means that data transmitted by wireless users can be easily captured, making sensitive information (such as social security numbers and credit cards) transmitted wirelessly inherently insecure.

It's important that you take additional steps to encrypt and protect sensitive information that you send over a wireless network. And that means anywhere you connect wirelessly; like in the UMC, at Starbucks, at DIA or even home wireless networks. One way to protect yourself is to use the campus's VPN (Virtual Private Network). A VPN provides a secure encrypted tunnel from your computer to CU's network whether you are on or off campus.

VPN software is available, at no cost, for download from OIT for Windows, Mac and even Linux and Solaris machines:

  • Cisco VPN
    • Who Can Download It: CU-Boulder affiliates with an active IdentiKey
    • Description: It's an application that provides a long and secure on-campus network connection when you are away from campus or on UCB Wireless. It routes all traffic through the campus network. However, it does not allow split tunneling; home network devices cannot be accessed while using this type of connection.
  • Network Connect VPN
    • Who Can Download It: CU-Boulder affiliates with an active IdentiKey
    • Description: It's an application that provides a secure on-campus network connection when you are away from campus or on UCB wireless. Use this application to access on-campus resources while still allowing access to your home networked devices.
  • Web-Based VPN
    • Who Can Download It: CU-Boulder affiliates with an active IdentiKey
    • Description: A simple web-based VPN connection that allows access to a variety of on-campus and off-campus resources through a web browser that allows for simultaneous connectivity to the CU-Boulder network and your home network.
  • Custom VPN
    • Who Can Download It: Departments, groups or services requiring their own protected IP range
    • Description: Your custom VPN will be configured per your specifications.

In general, offers of "free" service from an unknown source are often too good to be true. Be wary of connecting to unknown wireless networks. Hackers do setup fake wireless networks (or "evil twin hotspots") in an effort to capture the information you are sending over wireless networks. Using that "Free Wireless" network you see out there may actually come at a very high price.

If you have a wireless network at home it is important to secure that network so that an attacker can not use your network for nefarious activities. In 2006 a Denver woman was surprised when the police came to her house after an attacker used her wireless network to carry out a crime. Use Wi-Fi Protected Access (WPA) to make sure only you can connect to your network and that no one can eavesdrop on your wireless network.