Free Wi-Fi seems like one of the great perks of the 21st century. In pubs and cafes in towns and cities across the UK, you can get online for nowt.
In short, each time you connect to a public network, you could be playing a kind of Russian roulette with the data you send over the airwaves.
Cybercriminals and hackers have spotted that we’re hooked on the convenience of free Wi-Fi. What’s more, they know most of us are accustomed to connecting without giving a thought to security. And they’re taking advantage.
A typical attack is for a hacker to set up a rogue network. They give it the same name and password (if applicable) as a legitimate network nearby.
For instance, a criminal might set up ‘John’s Café Wi-Fi’ near to John’s Café. When an unsuspecting punter connects, the attacker can intercept all the data that gets sent and received.
Sensitive files and information sent by email, personal data entered into website forms … it’s all there for them to harvest and use.
This isn’t a particularly clever or novel trick. But it works. Next time you’re connecting to a network in a public place, can you be sure it is what you think it is?
It can be difficult to be 100% sure that you’re safe when you use public Wi-Fi. And so the best way to protect your data is to not send or receive sensitive or private data while using it.
That’s easier said than done. One of the most popular uses for Wi-Fi is catching up on email, which can contain all kinds of data that’s valuable to hackers.
However, it’s definitely a good idea to think twice before entering your online banking details or other sensitive login details.
Being on a secure website (indicated by https:// and a padlock in your web browser) does offer some protection, but hackers can still use a technique called sslstrip to intercept your data if they really want.
The safest option is to connect via a virtual private network (VPN), which creates a secure tunnel through which your data passes. You can purchase VPN access from companies like Hotspot Shield — there’s a good explanation and some reviews of VPNs over on the PC Advisor website.
If you missed the news last week, experts have discovered a flaw in popular encryption software OpenSSL.
This is a big deal because OpenSSL protects hundreds of thousands of websites, including big names like Google, YouTube, Tumblr and Yahoo.
The issue is called Heartbleed. Although OpenSSL is meant to protect data transferred between a website and person using it, Heartbleed may allow hackers to access that data.
Heartbleed is a high-profile story because so many websites use OpenSSL. But there's been a lot of confusion over what we should do about it.
Some websites have advised you to change all your passwords. Others have suggested that's counterproductive until every website has been fixed. So, we've investigated what businesses need to be concerned about.
First off, let's get one thing clear: Heartbleed is a real issue. You should definitely spend a few minutes thinking about how it might affect your business.
There are two aspects you need to be aware of:
Does your website use a secure connection (where a padlock appears in the browser)? If so, it's vital you check which encryption technology it uses.
If you're not used to getting into the nuts and bolts of your website, speak to your web developer or to the company that supplies your SSL service (usually your web hosting firm).
You can also pop your website address into this Heartbleed checker, which will let you know if your site is affected.
If you get the all-clear, that's great — you don't need to worry. But if your site does have the Heartbleed vulnerability, you should get it fixed — pronto.
This means updating to the latest version of OpenSSL, which doesn't suffer from Heartbleed. Your web hosting company or web developer should be able to do this for you.
In the meantime, consider deactivating the secure parts of your website. Better safe than sorry, after all.
Experts reckon around 500,000 websites are affected by Heartbleed. There's a good chance some of them are services you use regularly.
Changing passwords is the way to go here. But you need to make sure the problem is fixed before you change a password on a particular website. Otherwise, you risk exposing your new password too.
Most major websites will have fixed their systems by now. Again, you can use the Heartbleed checker to make sure.
As a precaution, we'd advise changing all the passwords on sites you use regularly — but only when you're sure those sites are secure.
Remember, it's safest to use a separate password for each website and to make sure all passwords are nice and strong.
There's one last thing to bear in mind. Heartbleed was around for a long time before it was discovered. As a result, nobody's certain if any hackers exploited it before it became common knowledge.
In case your business or personal data has been affected, it's a good idea to check your online banking, email and other services you use regularly. If you notice anything out of the ordinary, do investigate.
IT for Donuts is our regular Friday feature where we explain a tech term or answer a question about business IT.
This week, find out how to snap a screenshot on your iPhone or iPad.
The iPhone and iPad are two big tech success stories from the last few years. But it can be surprising how many hidden features lie beneath that straightforward Apple interface.
One of those is the screenshot facility. People often trigger it without meaning to, and without realising what they've done.
So, how do you take a screenshot when you need to?
It's really simple: just hold down the home button (that's the round button below the screen of your iPad or iPhone). Then while you're holding it, tap the power button (that's the button on the top edge of your iPhone —it's also called the lock button). You can then release both buttons.
The screen should flash briefly to confirm a screenshot has been taken.
To find your screenshot, open the Camera app and tap the button to view your photos. You'll find your screenshot there.
IT for Donuts is our regular Friday feature where we explain a tech term or answer a question about business IT.
This week, we reveal the fastest way to make text bigger (or smaller) in your web browser.
There are lots of reasons for changing the text size in your browser. Maybe you're finding a website hard to read, or you want to fit more onto the screen at once.
Either way, it's super-easy to zoom in and out. If you're using a Windows PC, try these shortcuts:
On a Mac, use the same shortcuts but hold CMD instead of CTRL.
It really is that easy — so you never need to squint at a website again!
If you’ve ever been unfortunate enough to suffer severe back pain, you were probably too busy trying not to move to worry about how much it was costing your business.
That figure starkly illustrates why a few quid spent on decent equipment — plus training so your staff know how to use it — is a very worthwhile investment.
Quite apart from the fact that, as an employer, you have a duty of care to your employees, back pain and other problems can cost your company dearly.
Neck pain, repetitive strain injury and other ailments are worryingly common. Recent research from the Post Office Shop found that 63% of Britain’s office workers complain of aches at their workstation.
Even if musculoskeletal disorders (MSDs) like these aren’t enough to force people to take time off, they can sap productivity and damage the atmosphere in your office as your employees (understandably) moan about their aches and pains.
Ergonomic issues can creep up on your company if you don’t stay on top of them — particularly if the people in your business don’t like to make a fuss. Getting the basics right is pretty straightforward.
Buy good-quality, fully adjustable office chairs. Make sure monitors can be positioned at an appropriate height, and allow staff to request footrests, additional lumbar support, wrist rests and other ergonomic devices to make themselves comfortable.
Even small things can make an enormous difference. For instance, if someone complains they find their mouse uncomfortable, consider swapping it for an alternative model — or perhaps a trackball. You won’t resent the expense if it helps your employee avoid carpal tunnel syndrome.
But as well as providing appropriate equipment, you must make sure your staff know how to use it properly.
I’ve worked in offices where colleagues have hunched over their laptops because they didn’t know they could plug in to the external monitors, keyboards and mice provided. (Or perhaps they just couldn’t be bothered.)
Either way, you can’t take it for granted that everyone knows how to sit at a desk correctly. So make sure you brief new staff appropriately and offer guidance to existing employees.
Health and safety gets a reputation for creating unnecessary rules and pointless box-ticking. But in truth, most of these rules exist for a reason.
They protect your employees — and by extension, they protect your business. Make sure you know what you should be doing.
Now we’re three months into the year, how many of these predictions look accurate to you?
Business owners stand to benefit substantially from the rise of alternative finance over the coming months.
Credit cards, overdrafts and loans are no longer the only ways to finance business growth. Crowdfunding, peer-to-peer lending, equity funding, supply chain finance and invoice discounting are all worth investigating and pursuing.
These business models allow customers to share products rather than buy them outright. Their rise is encouraging for smaller companies, because they can attract customers who can’t manage to buy their products outright.
Mobile money is on the rise. New payment technologies are making it easy to handle your finances on the go.
You can now create and manage invoices and take credit card payments on your smart phone.
2014 is the year ‘big data’ stops being a buzzword and starts being something smaller companies can really use.
Improving analytics technology is giving businesses the opportunity to drive growth through data. Learn more details about your most valuable customers. Understand your finances more intimately. Make strategic decisions that are driven by data more than by gut feeling.
In 2014, consumers expect personalisation. Big companies understand that we have entered the age of clever comms, and are big data and analytics to offer highly personalised products to their target audience.
Smaller businesses must follow this lead. Bombarding your market with poorly directed emails just doesn’t cut it anymore (although you could argue that it never did).
Some of the most exciting tech-start ups are pioneering what looks set to become a major feature of business in 2014: collaboration and co-creation.
They’ve realised that by working side-by-side, separate businesses have a greater chance of sparking new ideas for innovation and growth.
If you’re in retail, the rise and rise of price comparison apps means it’s really important that people entering your shop have an unforgettable experience.
That space is yours alone. It’s the ideal platform to showcase your brand’s identity, so you should make the most of it.
Social media is everywhere, but social listening and trend watching are becoming increasingly important in directing product development.
If you are selective and intelligent with the social channels you employ, they can help you work out exactly what your customers want.
Britain is no longer in recession, but people are still mindful of their wallets. Pricing strategies that appeal to austerity Britain will remain popular.
Just look at the recent successes of companies like Pizza Express, who offer clever discounts through voucher websites such as Groupon.
No, sustainability isn’t just a buzzword. A company’s carbon footprint and its desire to give back to the local community are increasingly important in consumer decision-making.
Practicing responsible, ethical business can benefit both society and your profit margins.
This post was written by Piers Barber, a business writer for Sage Business Software who has an interest in the growth of mobile technology and business.