WalkingHotSpot: Money saver or security risk?

With expensive airport and hotel Wi-Fi charges turning many enterprise road warriors into a constant money drain, TapRoot Systems Inc. says its newly announced WalkingHotSpot pricing plan could save IT bundles. But according to one Info-Tech Research Group analyst, using a mobile hotspot could be a dangerous and costly proposition.

The WalkingHotSpot software download, which was commercially launched to global users last month, allows Wi-Fi-enabled Symbian (S60 3G/Wi-Fi) and Microsoft Windows Mobile 6 smart phones to transform into mobile Wi-Fi hotspots. After users download the thin client to their handheld, TapRoot sends its customer a CAB file via SMS that will enable connections to the Wi-Fi radio.

“No client software is needed on any other devices,” Sean O’Leary, vice-president of business development and marketing for TapRoot Systems, said. “You basically just open up your laptop, view your wireless networks and you’ll see your phone acting as a hotspot.

“The software uses the Wi-Fi radio to provide connectivity and then uses the 3G for backhaul.”

After connecting, he said, users will receive a prompt on their phone which will allow them to enable or restrict access from the incoming laptop. This setting, along with a few other security features, can also be customized.

“You can have it wide open so people can just connect without being asked, or you can shut it down so only one user can have access,” O’Leary said. “You can also assign five ports to five different users and enable WPA keys for added security. It supports VPN as well.”

Customers who are adding the maximum of four additional users should not notice any significant slowdowns, he added. “We’re offering broadband-like performance.”

At this week’s Symbian Smartphone Show in the U.K., TapRoot will announce that users can purchase WalkingHotSpot for a one-time fee of US$25 for the lifetime of the phone. But at least one analyst says that price and the software itself might be a bit misleading for Canadian users.

Mark Tauscheck, senior research analyst with London, Ont.-based IT consultancy Info-Tech, said the biggest warning sign for enterprise IT users is the hidden fees that can arise from tethering a mobile device to a laptop. Carriers such as Bell and Telus offer unlimited data plans that are specifically tied to the users’ mobile device, he said.

“They may say unlimited browsing and e-mail, but only using the handheld,” he said. “That means if you tether it, you break the terms and conditions and they’ll charge you for it.”

Users can expect outrageous and exorbitant fees for breaking the conditions on these data plans, according to Tauschek, especially if they are tethering outside of their coverage area. The most famous example in Canada came last year when an oil worker, using his cell phone as a modem for his computer, received an $85,000 cell phone bill from Bell Mobility. Bell later agreed to reduce the charges to $3,400 out of goodwill.

The third major carrier in Canada, Rogers Wireless, does not explicitly prohibit the use of tethering, but surfing the Web with your laptop will certainly lead to some overage charges, Tauschek added. “However, I will give credit to Rogers’ new pricing plan, which caps potential for data charges to $100.”

From a security point-of-view, O’Leary said that WalkingHotSpot creates an ad hoc network between your handheld and the machine you are using to connect to it.

“You don’t have to worry about security issues,” he said. “You’ve got full control over who gets on or off, you can make it as wide open or tight as you want, and you can white- or blacklist users as you see fit.”

But according to Tauschek, the assumption that users are security conscious enough to ensure they’re creating a secure connection is a risk that enterprise IT managers can’t take.

“If you leave it unsecure and accidently leave it on, anybody can connect through your phone, so that’s a security issue that a lot of people are going to make,” he said.

The fact that many users will probably not install a password, encrypt their data or use a VPN connection, is a major warning sign for IT managers, Tauschek added.

“If I was an enterprise IT guy, I would specifically prohibit this sort of usage,” he said.

Related Download
Real-time visibility Sponsor: Interactive Intelligence
Real-time visibility
Get real-time visibility in the contact centre. See immediate benefits. Real-time visibility in the contact centre is crucial. When you do not have the info you need to make decisions, you lose out on the single best way to create a competitive advantage. Solving this issue is simple, though.
Register Now