What are the best practices for individual users when accessing a public / municipal wireless network?

• Always treat a municipal wireless service as an untrusted network and do not give out personal / sensitive information if an encryption channel such as SSL is not available. It is also not a good idea to access company servers from a municipal wireless service without the protection of a Virtual Private Network (VPN) or similar encryption mechanisms to ensure the confidentiality of communications. Split tunnelling, which allows a person to connect to the Internet while at the same time maintaining a VPN connection to a private network, should also be disabled when using VPN. • When connecting to a public hotspot, you may be redirected to a captive portal page. Attackers have been known to set up fake captive portal pages to obtain sensitive information. Therefore, it is important to check the authenticity of a captive portal by verifying the certificate of the website in question. • Some operating systems offer a feature for the user to create a list of preferred wireless networks. ...  more