If remote users want to connect to mobile hotspots, IT must make sure it has a plan for added security.
Mobile hotspot tethering enables a Wi-Fi-enabled device to access the internet by connecting to another device's cellular data network. The most common way to connect to a mobile hotspot is using a laptop or tablet to tether to a phone -- for instance, via Bluetooth. When users are in a jam, mobile hotspots are sometimes necessary to access the internet.
Mobile hotspot tethering is not that common anymore due to the slow speed, increased data usage and the high battery usage users see when in hotspot mode. Still, some users may want to access hotspots when they're outside the office. The problem is that mobile hotspots can be vulnerable to someone stealing bandwidth -- or worse, to breaches and hacking.
Risks and policies around mobile hotspots
IT admins have many concerns about the use of mobile hotspot tethering because they lose control of what is being streamed over the network. Hackers normally use a packet sniffer to intercept wireless communications, so a hotspot could expose a user's corporate login credentials.
It can also be dangerous when a hacker is the one using mobile hotspot tethering to perform Wi-Fi phishing or creating a hotspot that has the same or a similar name to an actual Wi-Fi hotspot, usually in a public place. Plus, if the attacker tethers to a company that is paying for the cellular data, the organization could end up coughing up a lot of money for users who stream videos or do other activities that require a large amount of bandwidth.
One way for IT admins at medium and large-sized companies to circumvent issues with mobile hotspots is to offer individual employee and guest Wi-Fi networks. Or IT can provide remote or contract users with access to an employee sponsor's Wi-Fi network by giving the user the email and password of the sponsoring employee -- with their approval, of course. This step has been valuable for IT to make sure the right people access company data from the right networks.
Another option is for IT to disallow mobile hotspot tethering completely on company-owned or managed devices. Finally, a basic step companies of all sizes should take is to establish policies that limit the use of mobile hotspots and connecting to company VPNs and enterprise mail services from remote networks.
Dig Deeper on Mobile networking
Related Q&A from Matt Schulz
Learn about the history of OAuth and Apple and how iOS 12 changed the game for authorization. There are a few things to be wary of, too. Continue Reading
There are a variety of factors to evaluate when determining the true cost of mobile devices in an organization. Unpack these factors to find the TCO. Continue Reading
Mobile devices are now commonplace in the enterprise. Discover which vendors are touting enterprise-ready features and which are reluctant to jump ... Continue Reading