With technology rapidly changing, Wi-Fi internet security can often be overlooked. Whether you are a small business or work from home, you should be aware of the simple fixes that will prevent future problems. Below are some useful tips for securing your network.
Wi-Fi routers and access points are, by default, not secure when you purchase them. Unless you have enabled encryption, anyone nearby can easily connect to your network. At best, they will just use the free wireless internet for browsing and downloading, possibly slowing down your connections. However, if they wanted to, they could possibly access your computers and files. They also could easily capture your passwords or hijack your accounts for websites and services that don’t use SSL encryption, such as some web-based email clients, Facebook, and Twitter.
If your Internet service provider (ISP) set up your Wi-Fi, it likely has enabled encryption. This version of encryption, however, may be an older security option that’s now easily breakable: Wired Equivalent Privacy (WEP). If your Wi-Fi network is using WEP, you can switch to WPA (Wi-Fi Protected Access) or WPA2 which is even more advanced. Nearly every router offers these and the various advanced modes that offer businesses various levels of security and convenience.
The Personal mode of WPA/WPA2 is easier to set up, but is subject to brute-force dictionary cracking. This means that someone could potentially come up with your encryption passphrase by running software that repeatedly tries to guess it from a dictionary of common words, passwords, and combinations. However, this isn’t a likely issue if you create a long and ‘random’ passphrase when setting up the encryption, using no words or phrases that might be in a dictionary.
The Personal mode, though, is not suitable if your organization has more than a couple of Wi-Fi users. In this mode, all computers and devices connecting to the network are set with the same encryption passphrase, which creates issues when employees leave the company or a device becomes lost. You’d want to change the passphrase when such occasions arise–but that means you must change it on all access points and every Wi-Fi device.
The Enterprise mode of WPA/WPA2 is much more complex to set up and requires a server, but it provides better security for organizations. Along with the security itself being stronger, this mode provides each Wi-Fi user with their own username and password for logging onto the Wi-Fi instead of a global passphrase. This means that if an employee leaves the company or their device is stolen, you only have to change their password on the server.
The Enterprise mode also prevents users on your network from snooping on each other’s traffic, capturing passwords, or hijacking accounts, since the encryption keys (exchanged in the background) are unique to each user session.
If you aren’t sure your Wi-Fi is encrypted, you can quickly check. On a PC or device that’s connected to the Wi-Fi network (or at least has Wi-Fi), simply open the list of available wireless networks and find the name of the network you use. In Windows, click the network icon in the lower right corner of your screen. On a Mac, click on the network icon at the top right, next to the volume button. If you see a symbol shaped like a lock, it is a secured network. Clicking on that network will provide more specific information. Do you have frequent guests at your business who need wireless network connections? Many routers offer a Guest Network option that will allow connection, using a separate password. Your files remain secure and your client stays productive.
A proper wireless configuration at the workplace is only the beginning of ensuring security for your business infrastructure. There are other factors and methods to be aware of when away from your secure network. If your business has a need to connect to the network remotely or has employees who work from home or while travelling and must have remote access from a mobile device, we’ll be posting an article on this shortly. This article will explain how to maintain your privacy and security away from the workplace, including how to connect to your network remotely.