Safety of WIFI in Assisted Living
December 12, 2019 12:08 PM   Subscribe

My parents are moving into Assisted Living. The place they're going to provides wifi for the residents. I am wondering if I need to protect their information and their money, and, if so, how best to do that.

I admit I'm pretty paranoid about online security, but also that I'm not very knowledgeable about it. My father, who handles their finances, is 95, and does not learn new things well at all, so anything he needs to change - even something as simple as getting him to use a different browser - isn't going be easy. He unfortunately uses the same financial institution for all of his money and credit cards, so he likes to check it every day or so. I'm concerned that someone who gets his information can basically clean them out.

He currently uses Chrome and Safari on a Chromebook.

I do keep a close eye on his email and his finances, but I'm going to be traveling for the next few months, and am not all that sure I should be going to any financial sites from a vacation rental.

I don't know if the Assisted Living facility's wifi is password-protected; I doubt it, but will find out tomorrow. I don't know if that makes any difference.

I do have the option to get internet for them privately, but won't be able to do it for a few months. And I'd rather not do that if I don't have to, just because I'd really like to not deal with Comcast or AT+T, or keep being the IT person for my parents.

So my questions are -
  • What should I be asking or checking when I visit the place tomorrow?
  • Is there anything I can or should do to improve the security of his using their wifi? Or of mine, using the wifi at a VRBO or two?
  • Is it safe to log into a brokerage over more-or-less public wifi, or should I just bite the bullet and deal with one of the internet providers?
  • Is it safe to log into a brokerage from a VRBO rental? I don't know if I'll have access to the actual modem. Is there anything I can do to improve my security (running Windows 10, MalwareBytes, Opera and Chrome)?
Or, I guess, am I just being paranoid and way over-cautious?

posted by still_wears_a_hat to Computers & Internet (14 answers total) 3 users marked this as a favorite
Pay for a cheap VPN service like IPVanish or NordVPN and then configure your Father's computer to auto-login to the VPN on startup. That's by far the easiest and safest thing to do, since all the network traffic from your Father's laptop will be encrypted up to the VPN provider no matter what the local network conditions are like. You can use the same approach for using wifi in any semi-public place, like a hotel or VRBO rental.
posted by Fidel Cashflow at 12:22 PM on December 12, 2019 [9 favorites]

Yep, what Fidel Cashflow said.

You could just set them up with a VPN. I've had people recommend Nord VPN and Express VPN to me. The VPN would be automatic - once you set it up, all their internet traffic is routed through the VPN, which encrypts everything transmitted, so even if someone hacked into the living center's wifi or whatever, they wouldn't get the stuff going through the VPN.
posted by AppleTurnover at 12:33 PM on December 12, 2019 [1 favorite]

And you also can use a VPN on your own machine if you're on a wifi connection you don't fully trust.
posted by adamrice at 12:33 PM on December 12, 2019 [1 favorite]

(Maybe not Nord)

If they were my parents, I'd be okay with them using a password protected wifi, and would look into using a VPN for my own travel. If it's a truly public wifi I'd set up a VPN for them, knowing that it could potentially lead to more IT questions in my future.

In my opinion, the biggest threats to their accounts come from other avenues (reused passwords being exposed in a breach; falling for a scam call; etc.) and less from a hacker in near physical vicinity to them. YMMV.
posted by matrixclown at 1:13 PM on December 12, 2019 [1 favorite]

The wifi in my parent's assisted living facility was password protected. I as a guest had to log onto a separate guest network. YMMV.
posted by AugustWest at 1:18 PM on December 12, 2019 [1 favorite]

Speaking as someone who dealt with commercial WiFi networks for years, password protected WiFi is fine, as long as it isn’t WEP. Wifi security is the padlock of network security — it requires a medium effort to break and is therefore not worth the trouble unless you have a specific target. Assisted living facilities are not hotbeds of WiFi hacking.

Phishing, viruses, and fake phone calls are the big risks consumers can affect and I suggest you focus your resources there.

Even then there are only on the order of 100,000 successful consumer-involved attacks per year. Then somebody cracks the security at a major retailer and sudden 3 million credit cards have been stolen. Nobody has hit one of the big institutions yet but it’s just a matter of time.
posted by Tell Me No Lies at 1:57 PM on December 12, 2019 [3 favorites]

I should mention that any financial institution is going to be using secure web connections from the laptop all the way to the institution. You could run your data over completely unsecured WiFi and still be safe.
posted by Tell Me No Lies at 2:06 PM on December 12, 2019 [2 favorites]

Any WiFi is fine, even an unencrypted one. All WiFi is insecure, the encryption is not strong. That's why every website in the world went to HTTPS several years ago for security. I don't think your parents will be any more at risk from an assisted living facility's WiFi than any other Internet access.

Like folks say you could use a VPN for extra piece of mind. I like Tunnelbear solely because their software is cute and easy to use. Starting new I'd look at Mullvad, solely because Mozilla recently chose them for their Firefox VPN product.

BTW, you mentioned being worried about their bank account security. It might be worth having them call their banker and explain their situation, that they are elderly, etc. Or have you call on their behalf. There may be some extra security they can add to the account to make it harder to, say, transfer all the money out in the middle of the night.
posted by Nelson at 3:27 PM on December 12, 2019 [8 favorites]

I’ve used a VPN called TunnelBear for various things. One thing I discovered was that Chrome would turn off syncing to the cloud while it was running. If he’s only using one machine maybe that won’t be an issue.

At the very minimum he shouldn’t do anything sensitive over a network that isn’t password-protected.
posted by bendy at 3:35 PM on December 12, 2019 [1 favorite]

Just in case you haven't already addressed these issues, you should be a LOT more worried about less high-tech means of defrauding your parents.
posted by praemunire at 3:43 PM on December 12, 2019 [3 favorites]

While you are checking on this - are you on their accounts? And does their bank have you listed as a trusted person if they become incompetent?
posted by leslies at 5:20 PM on December 12, 2019 [2 favorites]

Circling back to say, I agree, I'd be more worried about your parents clicking scam emails or accidentally installing shady browser extensions, which are things my mom has fallen prey to. I use a program called TeamViewer so I can log into her phone and computer remotely and diagnose problems, or help her do things. I would definitely be more wary about phishing and socially-engineered stuff.
posted by AppleTurnover at 8:38 PM on December 12, 2019

Conveniently, this just-posted Ask illustrates the kind of scam they may get exposed to!
posted by praemunire at 9:41 PM on December 12, 2019

Thank you, everyone. I will get a VPN for both my father and for me.

And thanks for the tips about phone scams, viruses and being on their accounts. I think we're in good shape on all those, but will make sure.
posted by still_wears_a_hat at 1:48 PM on December 13, 2019

« Older German language resources   |   Newly diagnosed adult with ADHD...I think. Newer »

You are not logged in, either login or create an account to post comments