The Runaway Data-Mine Train
It was recently announced that UK Department for Transport are undertaking a £50 Million initiative to allow train operators to provide free Wi-Fi from 2017 onwards.
The UK’s rail network facilitates a staggering 1.7 billion rail journeys every year, providing a principal medium to commute to and from work.
With the rise of the ‘extreme commuter’—those that travel 90 minutes each way to work—reaching nearly two million, transport providers are recognizing the opportunity and demand for connected travel.
This also coincides with research undertaken by Randstad that concludes, ‘Britain’s workers are using their commutes to become more productive’.
The development of smartphones and tablets has made it possible for employees to expand their output beyond the office. As Mark Bull, VP, UK of Ranstad explains, “Time is the vital currency of commuting: how much of it you spend—and how you spend it—reveals a great deal about how much you think it is worth.”
The move to provide free Wi-Fi is a positive step towards enabling connected commuting—to not only empower those wishing to boost their productivity, but also to those opting to use their travel time to enjoy streaming media and social platforms.
We recklessly connect to public Wi-Fi
The nomological propensity for us to seek any open Wi-Fi network, regardless of the security risks necessitates providers and associated organizations to consider measures to counteract cyber security threat.
According to the Xirrus report, ‘Rolling The Dice With Public Wi-Fi’, 91% of Wi-Fi users do not believe public Wi-Fi is necessarily secure, yet 89% still continue to use it.
The study reports 83% of public Wi-Fi users access email, with 43% accessing work/job-specific information on the network. Passengers expose a plethora of private and professional data for hungry hackers, demonstrating a causal requirement for cyber security measures in an environment where work/life boundaries continue to blur.
We’re rolling the dice with public Wi-Fi
Startlingly, it was uncovered in a Freedom of Information Request that the UK Department for Transport, “has not linked receiving funding for the on-train Wi-Fi with including a specific cyber security strategy”. The department will be providing some suggested cyber security guidelines, but it is not a mandatory requirement for train operators to follow these in order to qualify for funding.
Data breaches come at a very real cost to organizations, with the average breach costing $4 million US dollars. Without any reported plan to secure their public Wi-Fi, the UK Department for Transport leave themselves, their passengers, and associated organizations vulnerable to hackers.
Make public Wi-Fi a safer bet
An effective public Wi-Fi plan provides users with ease of connecting to the network, coupled with measures to ensure a secure path between IoT device application and server.
In a related post, Xirrus CEO, Shane Buckley impresses the importance of striking a balance with public Wi-Fi ease and security. He states, “adding more security features tends to reduce simplicity, making it difficult to achieve both goals at once.”
As Buckley explains, “Undaunted, Xirrus engineers have worked hard to solve this conundrum… Xirrus first pioneered Application Control (Deep Packet Inspection) technology for our Wi-Fi solutions four years ago. We start the traffic control process by feeding this application intelligence into the Xirrus policy engine. Once in action, the engine works to identity and classify IoT devices by type. The network can then enforce Layer 2-4 firewall rules on devices according to their type (sensor, appliance, etc.). Meanwhile, the network also implements Layer 7 policies via the DPI engine. These Layer 7 policies control the application(s) each device uses, through methods like prioritization, bandwidth throttling, and blocking controls.
Knowledge is power
It is not only paramount that public Wi-Fi providers offer simple and secure Wi-Fi access, but for them and organizations to increase users’ threat awareness of cyber attacks, such as; phishing, snooping, mal-advertising, phone scams, and ransomware.
According to cyber security expert and senior fellow at The Center for Digital Government, Morgan Wright, “businesses not only have a corporate responsibility to educate their users of the risks associated with connecting to public Wi-Fi, but also to give them the necessary tools to avoid attack.”
Get personal with public Wi-Fi
Effortlessly smooth rail travel, reliably ubiquitous Wi-Fi, and re-assuringly safer browsing are all possible with the correct effective planning from multiple stakeholders.
Decoupling security and complexity in Wi-Fi provision is key to ensuring reliable and safe Wi-Fi usage for all.
Read more about how Xirrus pairs security and simplicity by empowering Federated Identity Management (FiDM) through its EasyPass solution.