Coffee shop WiFi is fine for most browsing. These five things, never — no exceptions.
Public WiFi is fine for the things public WiFi is fine for — checking news, reading articles, looking up directions. It is not fine for some specific activities, and that line is much sharper than people realise. Five things below, never on public WiFi, regardless of how reputable the network looks.
The bank's app is encrypted end-to-end, so technically you're safe. But the human factor isn't — your login session can be hijacked from across the cafe via a fake captive-portal page, your screen can be shoulder-surfed, and any banking activity you do creates a paper trail at the venue's router that someone might log. Bank on cellular data, not WiFi.
M365, Xero, payroll, the company VPN — anything where the credential gives access to money or sensitive data. The risk isn't always interception (most logins are HTTPS-protected). The risk is browser hijacking via the captive portal page, which can inject a fake login overlay before you even reach the real site.
Even if email is encrypted, the network can see who you're talking to and how often — useful for someone profiling you for a future scam. Save sensitive comms for a trusted network. Same applies to Slack, Teams, WhatsApp — encryption doesn't hide metadata.
Public WiFi can be silently rerouted at the router level — meaning what you think is downloading from Microsoft might actually be a swapped binary from someone on the same network. Save software downloads for home. The principle is: any time you're trusting where bytes are coming from, do it on a trusted network.
Forget the network when you leave. On Windows, Settings > Network > WiFi > Manage Known Networks > Forget. On a phone, hold the network name and tap Forget. The risk: next time you walk past, your device auto-connects without prompting, and you don't know it's happening. Long-running passive connections are how account-hijacks happen days after the original visit.
Mobile data is now cheap, fast, and infinitely safer than a coffee-shop network. Your phone's hotspot is encrypted with a password only you know. The data charges are negligible for normal use. If the activity matters at all, just tether — see the tethering tip for setup.
Public WiFi safety is one part of mobile safety. Read the rest.
Hybrid teams work from cafes, airports, client offices. whedo.it sets up always-on VPN for managed clients (via Conditional Access, no user effort) so any WiFi network is automatically tunnelled. Worth ten minutes of explanation if your team travels.
A Support Representative will get in touch.
A Support Representative will be in touch the same business day.
No deck, no pitch — walk your environment with a senior Australian practitioner. Confidential by default.
I built this business because I wanted to do Managed services properly — for a small number of clients, at a senior level, with the same person on the end of the phone every time. The work is too important and the stakes are too high for anything less.
Behind the formal qualifications: a Cyber Security degree from the University of the Sunshine Coast, currently working on my Master’s, plus a continuous stack of Microsoft, Acronis and Nerdio certifications — the ones that have to be renewed because the threats don’t stay still.
Behind the certifications: thirty years of doing the work. I cut my teeth in consulting, then went to Cisco on the team building the original iPhone — Cisco’s VoIP handset, the trademark Apple later acquired in the 2007 settlement. At TPG in 1999 I sold frame-relay networks when frame-relay was the cutting edge of business connectivity. I built and sold a Sydney-based MSP called Online IT before relocating to Perth.
Three decades of watching what’s actually changed and what hasn’t. The technology has changed almost beyond recognition. The principles haven’t. Identity first. Backup that has actually been tested. A senior practitioner who knows your environment. Calm in an incident. Honest answers when the answer is “no.”
That’s whedo.it. That’s the brief. That’s why long-tenure clients don’t leave.
— Warren Ephron, Director