This St. Patrick’s Day proved to be rather interesting this year. As with years past, an Irish pub was visited. This happened to be connected to a golf course. Granted there were the usual characters present, however this year was a bit different. As the waitresses were exceptionally busy, there was a bit more time that was not occupied. Being curious and waiting for an exceptionally long period, the WiFi was checked. This was labelled as ****** Golf and was totally insecure. Anyone could connect to this from anyone the WiFi reached, including part of the parking lot, with ease. There was no password or check in place. Although not optimal, this is not necessarily a fatal flaw. What made this interesting is the equipment on the WiFi, versus these bing connected to the other secure WiFi sources. On this WiFi were a number of client devices including several phones (Amanda, Go Blue (a hapless UM fan), Stephann, Lisa, Kathleen, Jacob, & Sylvia) and the DJ’s laptop (MacBook Pro).
This is not that unusual, after all if there is free WiFi, a number of people will connect regardless. What made this interesting is the business devices that were placed by the business on the completely open WiFi, instead of one of the other locked WiFis requiring authentication. These were a printer (HP Office Jet Pro 6968) and the PC in the pro shop, among other business devices.
The issue was not taken further (scanning or trying to connect) for obvious reasons, however there are several items requiring attention in this matter. Business assets, which can be connected to with the internet by unauthorized parties, should not be on an open WiFi accessible to anyone. Having the printer on this versus one of the other WiFi networks requiring the simple login ID and password, is annoying and did not make an abundance of sense. Having a business printer and Pro Shop PC on the WiFi is clearly an error.
The pub certainly should provide their patrons with the WiFi if this would be used appropriately. This should however be used for the clients, and not the business assets. There were three other WiFi options, all locked, which could have been used. These options would not have been over-burdened the other WiFi networks, especially in Michigan in mid-March. The pro shop would be much busier in other, warmer locations. The business, small- or medium-sized, truly need to think through what assets should be used placed in specific locations. Consumers also need to understand by connecting to the open WiFi, the device is seen by everyone. Too many people simply are apathetic to security in this instance, until there is a direct negative consequence.
There still needs to be more training with this topic.
Share on Facebook
Share on Twitter
I'm busy working on my blog posts. Watch this space!