If remote users want to connect to mobile hotspots, IT must make sure it has a plan for added security.
Mobile hotspot tethering, a standard feature on smartphones, enables a Wi-Fi-enabled device to access the internet by connecting to another device's cellular data network. The most common way to connect to a mobile hotspot is with a compatible device such as a laptop or tablet to tether to a phone -- for instance, via Bluetooth.
When users are in a jam working remotely or in transit, mobile hotspots are sometimes necessary to establish a network connection. If users aren't near a secure network, or if their own network isn't functioning properly, a mobile hotpot may be the best option. These users can quickly establish a network connection on a work device; access the software, data or whatever work materials they need to resolve an urgent issue; and then turn off the hotspot once they have completed the work.
Mobile hotspot tethering is not that common anymore due to the slow speed of this mobile data connection, increased data usage and the high battery usage users see when in hotspot mode. Still, some users may want to access hotspots when they're outside the office. Users may be accustomed to this feature on mobile devices, especially smartphones, and it's a straightforward way to establish a network connection in a place without any secure Wi-Fi such as a train or a bus. The problem is that mobile hotspots can be vulnerable to someone stealing bandwidth or, worse, to breaches and hacking.
Potential dangers of mobile hotspot tethering
IT admins have many concerns about the use of mobile hotspot tethering because they lose control of what could be streaming over the internet connection. Hackers normally use a packet sniffer to intercept wireless communications, so a hotspot could expose a user's corporate login credentials. With this information, hackers could breach the corporate network and access sensitive or regulated internal data, trade secrets or financial information about employees.
It can also be dangerous when a hacker is the one with the host device, using a mobile hotspot to perform W-Fi phishing. A hacker could also create a hotspot that has the same or a similar name to an actual Wi-Fi hotspot, usually in a public place. Plus, if the attacker tethers to a company paying for the cellular data, the organization could end up spending a lot of money for users who stream videos or perform other activities that require a large amount of bandwidth.
While this issue of an outside actor harnessing an employee's data signal for their own personal use is far less of an issue than hackers stealing corporate credentials, organizations should still prepare for this potential situation. Users that have an eligible phone to use a company data plan need mobile device governance from mobile admins to prevent any of these outcomes.
How can organizations control mobile hotspot tethering on end-user devices?
One way for IT admins at medium and large-sized companies to circumvent issues with mobile hotspots is to offer individual employee and guest Wi-Fi networks. Or IT can provide remote or contract users with access to an employee sponsor's Wi-Fi network by giving the user the email and password of the sponsoring employee -- with their approval, of course. This step has been valuable for IT to ensure the right people access company data from the right cellular network.
Another option is for IT to disallow mobile hotspot tethering completely on company-owned or managed devices running both Android and iOS. Finally, a basic step all companies should take is to establish policies that limit the use of mobile hotspots and connecting to company VPNs and enterprise mail services from remote networks. With these steps, organizations can limit the risks presented with the use of mobile hotspots.
Organizations could opt to restrict mobile hotspot tethering entirely, but this could lead to users encountering issues while on the road. It's up to IT departments to determine the best administrative option for the organization's security and user experience needs.
Dig Deeper on Mobile networking
Related Q&A from Matt Schulz
Learn about the history of OAuth and Apple and how iOS 12 changed the game for authorization. There are a few things to be wary of, too. Continue Reading
There are a variety of factors to evaluate when determining the true cost of mobile devices in an organization. Unpack these factors to find the TCO. Continue Reading
Mobile devices are now commonplace in the enterprise. Discover which vendors are touting enterprise-ready features and which are reluctant to jump ... Continue Reading