The Cost of Free WiFi

There were cheers (ok, it was me) at a recent technology budget planning meeting at our office when it was announced that we are increasing WiFi throughout our space in another of our offices. In that office, up to now we have provided wifi for the area that includes anywhere a client would be. Our estimate for this is $4500. The WiFi we provide in our offices is secured with a password and uses a different internet connection than our network. Risk = reasonable.

There is an interesting article in the American Bar Associations YourABA December 2011 issue called Public Wi-Fi and the cost of “free”. The article addresses privacy risks for lawyers in using public WiFi:

It’s said that “free” often comes with a cost, and in the case of free public Wi-Fi, the cost may be your privacy. Imagine you’re connected to the free Wi-Fi at your local coffee shop or at your hotel while on vacation, and you log into your favorite social network or web-based email account. Using simple and widely available tools, other users on that network may be able to “sniff” out the username and password you used to log in. They can then use those credentials to hijack your accounts and access your sensitive files. For lawyers handling confidential documents or communications, that scenario raises both privacy and professional responsibility concerns.

Because I do not have any client information (including in my email) stored on my iPad or laptop, I occasionally choose to connect to public WiFi. Most often, the public WiFi provided I use is in a coffee shop, or from a government. The City of Edmonton offers a service called Wireless Edmonton that reaches some parts of the Alberta Law Libraries Edmonton site. That public WiFi has even been used for research demonstration purposes during the Head Start program. Risk = reasonable.

The Wireless Edmonton provices some notes of caution on their FAQ page:

8. Can I be vulnerable to Viruses while using Wireless Edmonton?
Yes, It is recommended that customers install anti-virus/spyware software on your laptop as well as ensuring definitions are current.

9. Are the services for Wireless Edmonton secure?
No, the wireless network is not secure. Information sent from or to your laptop could be viewed by someone else using a wireless device and the appropriate software.
The City assumes no responsibility for the safety of equipment or for laptop configurations or device configurations, security, or data files resulting from connection to the wireless network.
For security purposes, it is recommended that your computer does not have file sharing active (for Windows – click on network settings in the Control Panel, then find and uncheck file and print sharing). Active file sharing allows other users on the network to access your files.

Public WiFi risks are not relevant to our firm WiFi expansion, and it is a capital expense. Why would a firm expand WiFi in the office? One big cheerful reason comes to mind – supporting WiFi enabled mobile device use (or even laptops) to maximize productivity for staff wherever in the office they happen to be. So yes, Field Readers – librarian support is available in the coffee room.

Does your law office have WiFi?

Retweet information »

Comments

  1. David Collier-Brown

    I’m actually more surprised at the dollar cost of the service you provide to your customers tan at the risk costs. My old company spent 3 * $80.00 = $240.00 for wi-fi from the “demilitarized zone” of their network. That’s actually outside our normal network, but inside one of our firewalls for a tiny bit of security.

    Our experience was pretty good: PC users still caught viruses and colds, but we noticed it was almost always after making customer visits.

    –dave

  2. While it is true that guest access can be achieved relatively inexpensively by placing the access points in the DMZ, this allows no control over how this access is used. Also, if the office has corporate wireless, then there is a serious risk of interference between two separate systems.

    An industry standard approach is to use controller-based APs and securely tunnel the guest data to the DMZ. There is total traffic separation and all access can be controlled and monitored.

    This does come with a cost, but there might be liability issues if someone uses the ‘Free WiFi’ for malicious purposes.

    Whenever you use public WiFi, ensure that you use secure websites. Most social networking and web-based email sites offer https connections and have options in your account settings that require a secure connection.

  3. We have wifi for one simple reason – because our clients demand it.

    Five or ten years ago, when clients arrived with a laptop, we had to find the IT guy to get a cable, climb under a boardroom table and connect them to our network.

    These days, they expect to show up, get the password from the receptionist, and log on.

    Its purely a client function – we’ve not yet made it available to staff or lawyers, who are expected to connect the “regular” way, not through the wireless network.