Wi-Fi Security: An essential guide for businesses
Today, Wi-Fi delivers speed on unprecedented levels – yet equally businesses face a cyber-criminal underworld who become ever more advanced at the techniques they have at their disposal. Never has it been more important for modern businesses to protect against the plethora of threats that loom large on the horizon.
“A Wi-Fi attack on an open network can take less than 2 seconds”
With this in mind here we dive into the details of protecting a Wi-Fi network – and we look towards three fresh faced threats that should be considered going forward.
A little background: Businesses, sit up and take note
Wi-Fi has revolutionised the modern workplace: setting employees free from their desks and empowering businesses to use technology is ever more productive.
Yet there’s a problem: businesses on mass scales are overlooking Wi-Fi security.
“A wireless scanner in London picked up 81,000 networks – up to 30% of which had no encryption or used the well-publicised weak Wired Equivalent Privacy (WEP) encryption protocol”.
Six essential steps toward basic Wi-Fi security
1. The right security option
The first, and in many ways the most essential, step for Wi-Fi security is the selecting of the right form of security. The options that you have may include the following:-
WEP is known to be weak as compared to other options (the vulnerabilities of WEP open up a network to certain forms of attacks, including: Passive attacks to decrypt traffic; Active attacks to inject new traffic; Active attacks to decrypt traffic and Dictionary-building attacks).
Choosing to use both WPA and WPA2 serves as an attractive proposition for a business – and is a method that can present a confusing setup for hackers to breach.
2. A unique SSID name and password
The default SSID name and password that are as supplied when a network is set up can be one of the easiest ways for hackers to gain access to your network. You should therefore choose both a SSID name and password that is completely unique (using good practices, such as upper and lower case characters, numbers and special characters such as ‘?’, ‘$’ and ‘&’). You can also hide the name.
Common SSID names (including ‘default’, ‘main’ and business names) should be avoided.
3. Turn off the remote login feature
Whilst Remote Login can provide you with useful controls over your network, it can equally serve as a Wi-Fi security threat. Turning it off completely is the most effective solution to a network that may otherwise be made vulnerable.
4. Ensure that your ethernet ports are secure
Regardless of the robust steps you take to ensure your remote login is protected, ensuring that your Ethernet ports are secure remains essential, particularly as an Access Point can be plugged in and go unnoticed (which effectively provides direct access to your network with very little effort from a hacker).
You should therefore ideally have hidden Ethernet ports (especially in customer facing areas).
Business Wi-Fi: Three emerging threats upon the horizon
Always evolving and advancing your IT security knowledge is a non-negotiable if you’re to protect your business from cyber-attacks. The foundation of which is an effort to always learn more about the threats, trends, tools and techniques that are emerging that could represent a game changer as far as your security approach is concerned. With this in mind here we take a look at three such examples.
BYOD: Bring Your Own Device
Two thirds of enterprise level companies now allow their employees to bring their own devices (Deloitte) – this has created an immediately mobile workforce, and provides potential for the cutting of hardware costs in an instant. Yet it has equally thrown up all manner of security issues, not least of which is peer to peer networking that comes from a valid IP address.
Moving from Wi-Fi for employees only, to Wi-Fi for all
The transition from providing Wi-Fi solely for employees, and extending to offer Wi-Fi for customers and visitors to your premises is a move that should be carefully considered.
The challenges associated with this are far and wide ranging, and command plenty of research. However as a starting step it’s essential to use different routers to ring-fence your business network.
Social engineering has long since served as a favoured tool by the IT underworld (with techniques such as email phishing for passwords) – yet today these hackers are making bigger and bolder moves. For the business, the need for employee IT security education is a must, as hackers are increasingly targeting employees by posing as other members of the workforce who may be on holiday or based in a different department. The importance of this is no better demonstrated by an attack that was successful on RSA Security (a company that specialises solely in IT data security, no less!).
Now is the time to bolster your wireless security.