WiFi is a common technology found is many small-large businesses. Over the years many vulnerabilities have been exploited by threat actors to sabotage company data and infrastructure. This has caused much grief for business owners. So if you deploy WiFi on your business network, how secure is it?
What is WiFi
WiFi (Wireless Fidelity) is a common networking technology made popular for its simplicity of use and wide range of compatibility for wireless devices. It allows our wireless enabled devices to access the internet. Many companies decide to include an Access Point (AP) in their business network to connect anything from work laptops, desktops, printers, tablets, etc. If you have WiFi deployed at your business we’d like to share some great tips on securing your network.
Steps to securing your WiFi network:
1. Make sure your router is in a safe location
Individuals seeking to do harm on your network may be able to patch in simply due router misplacement. Always choose a more secure location rather than convenient (For example: Add your router in a network closet/rack instead of by the front door left unattended.)
2. Use strong passwords on your networking gear
Believe it or not using the default credentials on networking gear is more commonplace than you would think. Not only are these passwords typically not very complex, but also everyone else deploying similar hardware may have the exact same password (Example User=Admin Password=Pa$$word!). Hackers know these simple default passwords as well. It’s a simple yet crucial step to replace these passwords with ones that are as long and complex as you can make them.
3. Update your gear often
Many routers and firewalls have automatic updates turned off by default. These updates can carry vital security updates and crucial firmware fixes. Even if you enable automatic updates on these components, make sure you are checking frequently that auto-update is enabled and the firmware is the most recent version. Of course, if your network is managed by IT Administrators, make sure to check with them first.
4. Use Secure WiFi Standards
Many modern routers allow for modern security encryption. Encryption is the step where plain text is converted (encrypted) so that people cannot easily see what you are doing on your device. Typically using the latest WiFi encryption standards is the best way to go since each next iteration usually contains huge security benefits. Usually, you will see options such as: WEP->WPA->WPA2->WPA3. As WiFi advances, so does its security. At the time of this article being written WPA 3, despite not being completely impervious to threats, is widely considered the most secure wireless protocol available today.
5. Separate Devices on your network
Some modern routers have the ability to separate or segment your network. This means having the ability to create separate networks for different devices. Some common ways to use this technology is if you have any Smart Devices, assistants or appliances connect to a “Smart Appliance” network which is separate from, say “Accounting” or “Administrators”. One benefit to doing this is in the event of a breach for example on the smart appliance, its much harder for the attacker to easily see your other devices on your other segmented networks, and provides ample time for you to address the security breach.
6. Wireless Configuration
Make sure to spend some time setting up your network and network name (SSID). One common security flaw happens when companies use sensitive information in the network name. Remember this is usually able to be seen by any WiFi enabled device. Never have any elements of your company passwords included inside your networks name. Unfortunately, this is more common than you might think.
7. Use a Guest Network
Similar to network segmentation, if your company provides internet access to customers or the public, make sure to use a separate guest network. This helps segment network traffic away from internal devices and workstations.
These steps are a great way to begin hardening your network to thwart potential attackers from infiltrating company data. We recommend always keeping yourself up to date with the latest in WiFi technologies to help keep your business safe.
OnPoint Computer Solutions
References:
Commenti