November 28, 2020

Volume X, Number 333


Privacy Tip #254 – FBI Issues Warning of Using Hotel WiFi if Teleworking from Hotel

On October 6, 2020, the Federal Bureau of Investigations (FBI) issued a warning to consumers about using WiFi when teleworking from a hotel.

The FBI acknowledges that many workers are having difficulty working from home during the pandemic due to a host of issues. According to the FBI, “U.S. hotels, predominantly in major cities, have begun to advertise daytime room reservations for guests seeking a quiet, distraction-free work environment.” As a result of the increase in the use of hotel rooms for work purposes, the FBI is warning consumers about using hotel WiFi to conduct their work.

According to the FBI’s announcement, “[M]alicious actors can exploit inconsistent or lax hotel Wi-Fi security and guests’ security complacency to compromise the work and personal data of hotel guests. Following good cyber security practices can minimize some of the risks associated with using hotel Wi-Fi for telework.”

Here are the recommendations from the FBI announcement:


  • If possible, use a reputable Virtual Private Network (VPN) while teleworking to encrypt network traffic, making it harder for a cybercriminal to eavesdrop on your online activity.

  • If available, use your phone’s wireless hotspot instead of hotel Wi-Fi.

  • Before travelling, ensure your computer’s operating system (OS) and software are up to date on all patches; important data is backed up; and your OS has a current, well-vetted security or anti-virus application installed and running.

  • Confirm with the hotel the name of their Wi-Fi network prior to connecting.

  • Do not connect to networks other than the hotel’s official Wi-Fi network.

  • Connect using the public Wi-Fi setting, and do not enable auto-reconnect while on a hotel network.

  • Always confirm an HTTPS connection when browsing the internet; this is identified by the lock icon near the address bar.

  • Avoid accessing sensitive websites, such as banking sites, or supplying personal data, such as social security numbers.

  • Make sure any device that connects to hotel Wi-Fi is not discoverable and has Bluetooth disabled when not in use.

  • Follow your employer’s security policies and procedures for wireless networking.

  • If you must log into sensitive accounts, use multi-factor authentication.

  • Enable login notifications to receive alerts on suspicious account activity.”

 These are solid recommendations for workers to follow and for companies to share with their employees.

Copyright © 2020 Robinson & Cole LLP. All rights reserved.National Law Review, Volume X, Number 282



About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...