Search in blog
How to use PrivateRouter's app with a DDWRT Router2875 viewsHow to use PrivateRouter's app with a DDWRT RouterRead more
Tech savvy people and privacy focused internet users have been putting WeWork on blast in every corner of the internet. Sadly, WeWork absolutely deserves the scrutiny and criticism for their obvious blunder that technically jeopardized everyone who has ever used their WiFi.
WeWork bills themselves as being at the forefront of innovation. They talk a big game about tech advancement, proprietary software, and the highest possible quality of service as an all-encompassing business solution. Despite what they say, their actions make them seem a bit too incompetent to live up to their promises. Recently, the company pulled its slated initial public offering plans.
Although WeWork has many issues circling its head (much like a cartoon character that got bashed with a frying pan), one of them was so innately obvious to anyone who even vaguely understands what the word “hacking” means.
What Happened with WeWork?
WeWork provides WiFi for businesses to connect to, conduct work, and exchange information. This WiFi is shared by everyone in a particular WeWork location. Putting too many people on the same network is a terrible idea for many reasons. The least important reason is that the connection speed may be slower. The most important reason is that data can easily be intercepted by anyone else connected to that network.
Even if there is a reasonable level of trust among businesspeople sharing the WeWork WiFi, there’s nothing stopping anyone at all from stealing whatever they want. WeWork was foolish enough to use an awful password. We won’t reprint it, but we will tell you that if you look up a list of the worst passwords of all time and try them, one of them will log you into WeWork’s WiFi.
That’s not even the worst indiscretion WeWork has been outed for – that would have been back in 2015. Teemu Airamo, the founder of multimedia marketing company MMI Broadcasting once utilized WeWork’s network with full permission. He was dealing with documents that needed to be kept highly secure when he realized he could freely and easily see similarly private documents being sent or received by every single business who utilized WeWork’s network.
Airamo pointed out this glaring security flaw to the management at WeWork, who responded with the equivalent of the “shrug” emoji. To make matters worse, they’ve never done anything to fix the problem. They’re bombarded with messages from privacy analysts and former customers, and they seldom respond. Airamo still checks the network periodically. Years later, the password is the same and everyone’s private data is still plainly visible.
It’s clear that WeWork doesn’t care about security. They do offer VLAN service for an additional charge, but after they’ve demonstrated such a flippant disregard for user privacy, do they really deserve trust?
Shared Spaces and the Safety Dilemma They Present
WeWork is far from the only company to utilize their business model. Dozens of brands create co-working office spaces with shared resources marketed towards sole proprietors, independent contractors, small businesses, and startups. If you haven’t heard of WeWork, you’ve probably heard of Regus, Proximity Space, Workbar, Next Space, or Bond Collective.
Giving everyone one WiFi network for transmitting sensitive business data is a terrible idea, no matter who does it. Sharing passwords for that connection will always put your business in jeopardy. There’s nothing to stop your competitor from signing up with the coworking space, stealing your data through the shared network, and using it against you.
There’s also nothing stopping anyone who can get a hold of the password from doing nearly anything they want. You’re simply never safe on communal WiFi. Even though you may feel comfortable scrolling through social media on a coffee shop’s WiFi, you should never feel comfortable sharing financial information, client invoices, or research data over a coworking space’s WiFi. The idea that their default WiFi is somehow more secure than the WiFi at a Starbucks is arbitrary – they’re the exact same thing if the password ever gets out.
How Could This Have Been Avoided?
Security concerns could be dampened if coworking spaces provided everyone with a VPN. Businesses who are locked into contracts with coworking spaces that don’t offer private or safe internet should, at the very least, utilize VPN software on all devices that will ever connect to that network. Ideally, every business should use its own VPN WiFi router for those devices – it’s more convenient if every device will automatically connect to a VPN without second thought.
Conclusion: It’s Easy to Avoid WeWork’s Mistakes
The moral of the story is that you should never assume you’re safe on WiFi, even if you’re in an establishment that seems professional and geared towards businesspeople. If they haven’t outright expressed that you’ll have a VPN connection, you’re probably not going to get one. Buy a SOHO or small enterprise VPN WiFi router for your team to use – it’s the only way to safely transmit sensitive data online.