Coworking spaces: great places with a cybersecurity drawbacks
Can a coworking space guarantee your data protection?
Since 2005, when a concept of a coworking space first came to life, it skyrocketed up to approximately 35 000 flexible workspaces in the entire world by 2019. While nowadays you can find the most amazing unique, stylish, and comfortable coworking spaces all over the world, their number 1 amenity is WiFi. Fast WiFi, to be correct. A secure one, to be precise.
That’s where things get a little bit complicated. Of course, we all would just love to have freshly roasted coffee in Montreal or drink fresh coconut juice at beachfront in Kuh Phangan, but the big question we need to ask about coworking spaces is whether the information I am working with on my computer is secure? We mean all information: the one that’s in your folders, in your email, and on a cloud.
We have some examples out there when this was not taken into consideration, like the notorious coworking giant’s “WeWork” case. The company was (and probably, still is) using the same poor password for multiple locations across its massive landscape and even giving a password in plain text on their app. Even though there’s no evidence that any actual attacks have occurred at “WeWork” locations, yet one of their Manhattan office’s tenants was able to once scan 658 devices, including computers, servers, and coffee machines. Files shared on the exposed network included scans of people's driver's licenses, passports, job applications, bank account usernames and passwords, contracts, financial documents, lawsuits, and health records. All they needed to do to gather this data was WiFi–sniffing equipment, like a “Pineapple”, or software like “Wireshark”.
“WeWork’s” negligent attitude towards cybersecurity didn’t go unnoticed, moreover, it directly affected its financial situation: valued at $47B, it is now said to be worth less than $3B, partly because investors became aware of the fact that the company’s WiFi networks are actually cyber insecure. Using WiFi security solutions originally designed for homes (WPA2 Personal), constantly put businesses into danger of “man–in–the–middle” attacks, skimming web traffic, or resulting even in a complete system takeover. Of course, nowadays, widespread use of encrypted website connections at URLs beginning with “https.” improves the situation, but doesn’t solve the issue completely.
So what can you do to avoid such cyber threats and protect yourself or your coworking space members?
If you’re a coworking space owner
A secure WiFi should be your top priority as your members are working with sensitive data and you, as a provider, should be the one that guarantees safe work conditions.
An enterprise-grade WiFi solution, which allows to provide each member with a unique username and password combination to login into WiFi, might be a good idea. This type of technology ensures so-called clients’ isolation when no one is able to see another person’s WiFi traffic.
If you work at coworking space
Even though you are highly dependable on the provider, there are a few options that might not be entirely secure, but they at least increase the level of security for sensitive data.
The first step you should do is ask the owner about the network’s security measures and if you’re able to get your personal username and password combination. If this option is not available, you can still use VPN software on your device and/or your hot–spot from your mobile phone or portable 4G station, which also ensures secure WiFi.
Keep in mind, that if you’re using only VPN, you’re still at risk for “man–in–the–middle” attacks: a hacker could set up an imposter WiFi network with the same name and password as the original one. When connected to a such network, you are at risk of giving hackers access to all your data streams.
If you work with someone who is based at coworking space
Even though you might be not working at coworking space, but are working with someone who does – you might be affected. Let’s say both you and your colleague are using encrypted data – which is great – but your partner downloads the files into the device using insecure coworking space’s WiFi. That‘s enough for your confidential files to be put at risk.
So you might want to inquire about the security solutions they are using while working in a particular coworking space and be aware of the fact that each part in a security chain has to be encrypted, otherwise, you are still exposed to a threat at a certain degree.
What if someone actually breaches?
It depends on a country‘s legal system, whether these breaches are officially a crime. Usually, these types of actions, if considered as malicious with an aim to steal data, are criminal and therefore punishable according to the law. Nevertheless, speaking about the cybersecurity and its threats - it’s better to take some precautions than to take the leap of faith that nobody will ever harm you.
Have any questions? Please don’t hesitate to contact us for more information on enterprise WiFi and security solutions or check our subscription plans.