Do you remember the days before mobile broadband was commonplace and connection speeds on 2G wireless were barely usable? How often did you seek out a specific location such as a coffee shop or a hotel that offered a free or (more likely) purchasable Wi-Fi connection?
Times have changed. Now, we expect to have free and performant Wi-Fi wherever we happen to be – on a train, at an airport, visiting our favorite retail destination, at a baseball game, and in other public spaces.
There are many benefits for the businesses and organizations that provide guest Wi-Fi, including increased foot traffic, superior customer experiences, and improved brand perception. However, as many businesses and organizations are discovering, there are challenges around providing guest Wi-Fi services, too.
Before we dive deeper into this topic, I want to briefly cover the gray area regarding users accessing or downloading copyrighted or illegal material when connected to a guest Wi-Fi network.
There are numerous pieces of legislation that cover copyright material; consider, for example, the Digital Millennium Copyright Act (DMCA) in the United States, and the Digital Economy Act (2010) in the United Kingdom. The common perception is that service providers and intermediaries such as the businesses that are offering Wi-Fi connectivity are responsible for any copyright breach. This is incorrect. Under the DMCA and Union Electronic Commerce Directive 2000, ISPs and intermediaries are exempt of any responsibility around users accessing or downloading copyrighted material.
When it comes to illegal content, a similar indemnity is adopted. As of December 2017, no ISP or intermediary has been prosecuted for allowing users to access or download copyrighted or illegal content.
So, if ISPs and guest Wi-Fi providers are devoid of responsibility for unsuitable content consumption, what is the issue around users accessing inappropriate materials?
In a nutshell, it’s all about brand reputation.
Imagine you are at your local coffee shop with your children, sipping your latte and generally enjoying life. You then notice that there’s another patron who is – and there’s no easy way to say this – viewing adult content. Ignoring for a moment what you may think about the person, what’s your perception of the coffee shop at that point? Are you likely to see the brand in a positive light? Will you be visiting the place again? Will you tell others about your experience? For most people, the answers are likely to be no, no, and yes.
Think this is an unlikely scenario? Think again. Users access adult content and other unsavory or unsuitable content via a guest or public Wi-Fi network everyday around the world, as this BBC news article clearly illustrates.
Some companies, such as McDonald’s and Starbucks, have now implemented controls to limit access to inappropriate material. But many businesses and organizations are behind the curve and fail to limit what types of content their patrons can view when connected to the Wi-Fi network. Take for example, Target in 2015 – unsecured access to the guest Wi-Fi network resulted in serious consequences for their family-friendly brand image.
As a long-time member of the content filtering world, I often check content category restrictions when I log on to a guest Wi-Fi network. While not a scientific study, I’d say three times out of four there are no controls in place – pretty alarming.
In my opinion, there are a few reasons why this is the case.
We are an edgy brand or a progressive-thinking organization, and we don’t want to be perceived to censor the Internet. Filtering and censoring are very different in my mind, but there are many people and organizations who see them as one and the same. This results in a need for sophisticated solutions with the ability to provide finely calibrated filters that allow mature for content (ex. R-rated movies) but disallow truly inappropriate or unsafe content (ex. black market websites).
That’s something our ISP takes care of, isn’t it? That is sometimes the case, but frequently, the ISP will have no content controls in place to limit access to unsavory content. If they do provide controls, they are often quite basic, and can easily be bypassed by savvy patrons. One other challenge with relying on your ISP is that it’s likely the controls you receive will be generic, with little to no ability to modify them for your business.
We have T&Cs on our login page disallowing inappropriate use of our network. Just because users tick the Terms and Conditions box, there’s little guarantee that they are going to abide by them. Given the brand consequences, relying on good faith alone is not a great approach.
So is there an easy way to address this risk?
The first step is to check what types of content you can currently access from your guest Wi-Fi. It should be fairly simple to identify content categories that are inappropriate based on your business and the types of patrons you have.
The second step is to create an Acceptable Use Policy for your guest Wi-Fi if you don’t already have one. This should clearly define the above – what content is considered unacceptable to access and view?
The final step is to deploy an easy-to install and simple-to-manage solution that allows you to proactively manage your Acceptable Use Policy. Ideally the solution should be cloud-based with no hardware or software installation necessary, and should be transparent to your patrons.
Akamai Enterprise Threat Protector is a cloud-based service that allows organizations providing guest Wi-Fi connectivity to proactively manage and control the categories of Internet content that users are allowed to access. Blocking access to inappropriate content can significantly reduce reputational risk and maintain brand integrity. Find out more at akamai.com/etp.
This is a Security Bloggers Network syndicated blog post authored by Jim Black. Read the original post at: The Akamai Blog