We used to advise people to do banking and other important business over their cellular connection when using a mobile device, since it is generally safer than connecting with a public Wi-Fi network. But even that isn't always a safe bet. Researchers have demonstrated how a portable cell tower, such as a femtocell, can be used for malicious ends. The attack hinges on jamming the LTE and 3G bands, which are secured with strong encryption, and forcing devices to connect with a phony tower over the less-secure 2G band. Because the attacker controls the fake tower, he can carry out a man-in-the-middle attack and see all the data passing over the cellular connection. Admittedly, this is an exotic attack, but it's far from impossible.
Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) is an EAP type that is used in certificate-based security environments. If smart cards are used for remote access authentication, EAP-TLS is the required authentication method. The EAP-TLS exchange of messages provides mutual authentication, negotiation of the encryption method, and encrypted key determination between the remote access client and the authenticator. EAP-TLS provides the strongest authentication and key-determination method.
VPNs help enable users working at home, on the road, or at a branch office to connect in a secure fashion to a remote corporate server using the Internet. From the users perspective, the VPN is a point-to-point connection between the user's computer and a corporate server. The nature of the intermediate network, the Internet, is irrelevant to the user because it appears as if the data is being sent over a dedicated private link.
Typically, when you try to access a website on the Internet, your ISP (Internet Service Provider) receives the request and redirects you to your destination. As your Internet traffic passes through your ISP, they can see everything you do online. What’s more, they can track your behavior and sometimes even hand your browsing history over to advertisers, government agencies and other third parties.
That attitude to the safety and privacy of personal data creates an enormous online security risk. Public Wi-Fi networks, which are ubiquitous and convenient, are unfortunately also highly convenient for attackers looking to compromise your personal information. How do you know, for example, that "starbucks_wifi_real" is actually the Wi-Fi network for the coffee shop? Anyone could have created that network, and they may have done so in order to lure victims into disclosing personal information over it. In fact, a popular security researcher prank is to create a network with the same name as a free, popular service and see how many devices will automatically connect because it appears safe.