Safety & Privacy: Tips for Anti-Violence Organizations

Wi-Fi is a wireless technology used to connect computers, tablets, smartphones, and other devices to the Internet.

Some women’s shelters and transition houses have a Wi-Fi network, which is an Internet connection that is shared via a wireless router. It is important for organizations to make their Wi-Fi network as secure as possible within their buildings, and to consider what safety and privacy precautions need to be in place if staff may be accessing other Wi-Fi networks (e.g. in public places or at other agencies). This document provides tips on how to secure a Wi-Fi network and what to consider when using public networks outside your organization.

The following is a basic overview of the various steps involved with Wi-Fi communication and how someone may be able to intercept data using Wi-Fi:

Browser Your browser is software that allows you to view and send information over the Internet.

Device Your device uses its Wi-Fi connection to transmit information to and from the browser.

Eavesdropper The data you transmit is sent over the air. It can be intercepted by anyone within range who knows the Wi-Fi password.

Wireless Router The router receives the Wi-Fi communication from your device and sends information to and from the Internet.

Internet The Internet is a connected system of computer networks that link devices to each other.

Destination The information reaches the server(s) that host the website you’re visiting, and those servers send back the information you requested.

Image credit: Safety Net Project, NNEDV

If you have Wi-Fi at your organization, there are two ways for someone to connect: through a wired connection or through a hotspot. A wired connection is when an ethernet cable is used to physically connect a device (e.g. computer/laptop) to an Internet service provider modem and is generally very secure. A hotspot is a physical location that enables people to connect to the Internet, usually through Wi-Fi, using a wireless local area network (WLAN) with a router connected to an Internet service provider. Hotspots can be very secure, but are not always secure when left on default settings or are not password protected. Follow the steps below to secure your Wi-Fi hotspot:

1. Use a Strong, Private Password
Choose a Wi-Fi password that has at least 12-15 characters and contains randomly placed letters, numbers, and symbols. Learn more about Password Safety here. Do not freely share this password or write it in any visible location (including on or near the router itself).

2. Adjust Security Settings
The proper configurations will make sure your Wi-Fi network only supports the most up-to-date protocols for transmitting information

• The only security algorithm that should be enabled is WPA2. Disable WEP and WPA.
  
• The only encryption method that should be enabled is AES. Disable anything related to TKIP.
• Completely disable WPS. This feature is enabled by default on most Networks. It allows for an alternate method of connecting without the password. It has a significant security flaw that can be easily exploited.

Check your router manual or contact your Internet service provider for support.

3. Set Up a Guest Network (optional)
Set up an alternate network if you have guests that need to access your Internet connection. The password to this network doesn’t need to be as complex or private. The name for the network should not be identifying, for your privacy and for that of your guests.

The steps for accessing and configuring a Wi-Fi Network are different for each device. You may need to check your router manual or contact your Internet service provider for assistance.

If you have serious privacy concerns or risks, it’s critical to understand how to access public/open Wi-Fi safely and when to avoid it. Any Wi-Fi network where there is either no password or the password is publicly available should be considered an open network. Even if the network is password protected, a skilled eavesdropper will still be able to view your communications if they also have access to the password (a common example of this is in a hotel where all guests have the same password and it is not changed often).

There are two ways browsing the Internet can be safe while using a public Wi-Fi network:

1. Use HTTPS
HTTPS adds a practically impenetrable layer of encryption between your browser and the website with which you’re communicating. Sites using an HTTPS connection can be trusted even while using an open/public Wi-Fi Network. However, you must always double-check that “https” is at the beginning of the web address and verify the domain name is exactly the site you are meaning to access. Saving important webpages as bookmarks and always accessing these pages via those bookmarks is a great way to ensure that you are never tricked into thinking you’re visiting a site that you’re not. Never bypass warnings your browser displays about problems with the security certificate from an HTTPS website.

It’s also important to remember that while the content of your communications with HTTPS may be private, the destination is not. Imagine you’ve mailed a letter to a friend using a language that only the two of you understand, but the envelope is addressed in a language everyone understands. Anyone who intercepts that letter won’t be able to read the message inside, but they will be able to see who you’re communicating with by reading the envelope. The same concept applies to web communications.

Activities that are generally safe when using HTTPS:

The web address/destination does not need to be a secret; however, HTTPS can be trusted to protect the content.

• Online banking or shopping
  
• Web-based email (Gmail, Yahoo! Mail, etc.)
• Social media (Facebook, Instagram, etc.)
• Any other web service that requires a username and password to view information

Activities that are NOT private with HTTPS:

The information in the web address/destination gives away what information is being viewed:

• Search engines (Google Search, Bing, etc.)
• Online mapping (Google Maps, Mapquest, etc.)
• Any website that you wouldn’t want an eavesdropper to know you’ve visited

The line between web page “content” and “destination” can be a blurry one. When in doubt, always assume your information is not private. Wait until you’re using an Internet connection that you have full control over before proceeding.

2. Use a Virtual Private Network (VPN)

An easy way to avoid most privacy risks related to using Wi-Fi is to subscribe to a virtual private network (VPN). A VPN will encrypt 100% of the traffic sent from your computer and deliver it to an alternate server somewhere else on the Internet. Once the information has reached that alternate server, it is decrypted and sent to its final destination. The VPN makes it look as if the requests you sent were coming from that alternate server, keeping your IP address and location anonymous.

A VPN provides the following benefits:

• Encrypts all web traffic (HTTP and HTTPS) as it passes over Wi-Fi.
• Disguises both the web content and destination as it passes over Wi-Fi.
• Masks your originating IP address from the website you’re visiting. This prevents the website from tracing your IP address back to your general geographic area.

More information about VPNs is available from the Electronic Frontier Foundation’s Surveillance Self-Defense tool. A guide to VPNs is available from reputable reviewers such as Tom’s Guide.

1. Keep Software Updated

It’s extremely important that you promptly install all updates to your operating system, browser, anti-virus program, and anything else on your computer, tablet, or device related to the Internet or security. Without these updates, your computer may be vulnerable. New threats are constantly being found and these updates help protect against them but only when they are current. It can be helpful to think about updates like repairs to a leaky roof – if you don’t mend them as soon as possible, things could get dire quickly and your roof could cave in. 

2. Use Anti-Virus/Anti-Spyware Software

While not perfect, anti-virus/anti-spyware software is an important tool for stopping malicious content before it can even reach your browser. 

Most computers come pre-loaded with anti-malware and anti-spyware applications. These applications will typically only be free for an introductory period and should not be relied on after the trial period has expired. You can also download a variety of free anti-virus programs. 

Anti-malware apps are available for smartphones, but they do not provide as significant a benefit as their computer counterparts. 

Thoroughly vet any anti-virus program before installation. Malware can commonly be disguised as an anti-virus program or computer scanning tool to trick you into installing it. 

3. Use Privacy Screens

A low-tech way to prevent someone from looking over your shoulder to view the information on your devices is to use a privacy screen. Privacy screens are shaded filters that you put on top of your laptop or tablet screen to prevent someone from looking over to see what you’re doing. 

4. Manage Wi-Fi Network History 

Most mobile devices and computers store a list of Wi-Fi networks that you’ve signed in to. Review the list and remove any that don’t feel safe to keep. You may not want to delete the whole list because that might be a heads-up to someone physically monitoring your devices. Also, it could be inconvenient to wipe the entire list because it probably includes the Wi-Fi you most frequently connect to (including passwords). 

To support your development of safe tech use policies, WSC has developed a Use of Technology Policy Template Guide for Women’s Shelters and Transition Houses (PDF, in English only).

Technology-Facilitated Gender-Based Violence (TFGBV) is part of a continuum of violence that can be both online and in-person. If you or someone you know is experiencing TFGBV, you are not alone. You can use sheltersafe.ca to find a shelter/transition house near you to discuss options and create a safety plan. You don’t need to stay in a shelter to access free, confidential services and support.

Special thanks to Steven Jenkins of EmpowerDB for providing content expertise for this document.

Adapted for Canada with permission from NNEDV’s Safety Net project, based on their resource WiFi Safety & Privacy: Tips for Victim Service Agencies and Survivors.