The Importance of Wireless Network Security
In most of the meetings I attend, I have my laptop going so I can take notes, do research, or access information pertinent to the subject. For many of these tasks, a network connection is required. Wireless networks provide the freedom of connecting – for work or play – anywhere you have a signal. They can boost productivity, enhance collaboration, and provide access to multimedia for enjoying your favorite movie from the couch. Since wireless is an extension of your protected network, it’s important to make sure it’s secured.
You might not consider network security all that important as you sip your latte, connecting to a public wireless network. However, this is one area you need to be cautious. In public locations, where many users connect to a common wireless network name and thus are on the same network, hackers might try to target your device. Often, public wireless hotspots are not configured to block computer to computer communication. This means someone with the right know-how could connect to your device over the public wireless. There are numerous tools that will scan a network searching for devices, and report back the device name, IP address, operating system – even scanning for possible entry points to exploit. But there are ways to limit your exposure. You can enable the firewall on your computer, which blocks all external connections, thereby preventing anyone from connecting to it over a network. To enable this in Windows, go to Control Panel > System and Security > Windows Firewall; on a Mac, under System Preferences > Security & Privacy > Firewall. On a Windows computer, when you connect to a wireless network for the first time, you are prompted to select a location – Home, Work, or Public. Choosing public greatly increases the security by turning on the firewall, disabling network sharing and network discovery. If you offer a public wireless network at your business, make sure it’s configured properly – don’t use the default configuration passwords, and enable “wireless client separation”. This setting disables computer to computer networking on the wireless connection, thereby keeping everyone separated while using the wireless connection. And remember, your business wireless network and public wireless network MUST be completely isolated. Allowing the public to connect to your business wireless is a major no-no, and can result in stolen data, credit card fraud, or worse.
First Levels of Defense
In a business, wireless network security should be high on the list of priorities. For starters, never use the default passwords on your wireless devices, and keep them updated to the latest firmware (firmware is the software that runs the device, and updates help plug any security holes the manufacturer may have discovered). Also, make sure you have enabled wireless encryption with a minimum of WPA2, using a complex security phrase. WPA2 prevents anyone from connecting unless they enter the proper security phrase, much like a password. Be aware though, if you have an employee leave, and they still know the WPA2 security phrase, it’s possible they can still connect to your wireless network. Therefore, be sure to change the WPA2 key when you have a staff member leave. In larger businesses, using a wireless network with EAP (Extensible Authentication Protocol) allows you to control who connects by using your server. Users with a valid username and password, and company provided device, can connect to the wireless network. It also simplifies employee’s abilities to connect to the wireless by using their network username and password, and prevents past employees from access. If you have vendors or customers who desire to use your wireless, avoid providing them access to your company network. If their computer has a virus, it’s possible it could infect your network. Also, they could potentially access confidential data. In these cases, it’s a good idea to have a separate “guest” wireless connection. You should still secure it with a security key, and change the key often.
Home Security is Serious Business
At home, securing your wireless network is just as important as securing your business network, and many of the same rules apply. Changing default passwords, updating to the latest firmware, and enabling WPA2 encryption with a complex passphrase are minimum requirements for a secure wireless network. Use a minimum of 8 characters, upper and lowercase letters, and numbers. Most home wireless routers offer a “guest” wireless feature as well, and enabling this with a security phrase will keep freeloaders off your wireless, but let friends connect. If you take the time to read the manual, you may find that your wireless device provides a list of “connected” devices. This list can allow you to make sure only devices known to you are connected, and identify anyone connecting without your approval.
Most smartphones and tablets today will automatically connect to “open” or unsecured wireless networks. I highly recommend disabling this feature, and requiring you to manually connect the first time a wireless network is detected. A good example of why was recently reported. A bug in Apple’s iPhone, iPad and iPod devices allows a remote hacker to crash the devices, rendering it useless in a state where it constantly reboots. All that’s required is for you to connect to a wireless network they have setup, so they can access your device to send the exploit. Disabling the ability to automatically connect will allow you to verify you do indeed want to connect, and trust the network.