Wireless internet access has become crucial to the functioning of most businesses. Along with the flexibility and convenience, however, comes a certain level of vulnerability. Unscrupulous people will happily exploit any weaknesses in your network to steal your data, costing you hard-earned money. With the following tips, you can protect yourself – and your business.
What you can do
Change your WiFi password and network name.
Every router comes with a preset password, often printed on the side or bottom. These default passwords can easily be bypassed by thieves looking to steal your data. To prevent this, never leave the router’s default password in place!
For extra protection, the password should be changed quarterly and whenever an employee leaves the business. A strong password should be 15 or more characters long and should include a mixture of letters, numbers, and special characters. It should also be unique, not reused in other places as this heightens the chances of the password being compromised.
By default, most routers use a network name that identifies the brand and model. This information can help hackers find a way into your network, so choose a network name that doesn’t give away unnecessary details.
Keep the router secure.
Preferably, your router should be kept in a place that requires a key or passcode to access, such as a locked cabinet or office. Keeping your router physically secure prevents would-be thieves from tampering with it. Be careful not to place the router behind too many obstructions though, as this can negatively impact the strength of your WiFi connection.
Update the router’s software regularly.
These updates contain crucial information about new security threats and how to counter them. Ignoring them is like locking your front door, but leaving the back door unlocked – it leaves you vulnerable! Consider setting your device to update automatically to keep your protection current.
Have firewalls on both your computer and router.
This is a fairly easy way to add an extra layer of security. Your router may use SPI (Stateful Packet Inspection) or NAT (Network Address Translation). Either way, we recommend enabling it.
Separate access for employees and customers.
Once a thief is inside your home, taking your valuables is not difficult. Likewise, once a thief has access to a network, accessing the data inside it is relatively easy. To protect yourself, use an SSID (Service Set Identifier) to create two separate access points, one private and one public.
Eliminate unofficial access points.
An unofficial, or ‘rogue,’ access point is any workaround or backdoor route into your network. These aren’t always malicious – they might be created by a hardworking employee with a spotty connection – but they are a vulnerability. If you have a fairly large network, consider occasional access point scanning.
Use WPA or WPA2.
Check the default encryption protocol that your router uses. It should be either WPA (WiFi Protected Access) or the updated WPA2. If your router is using WEP (Wired Equivalent Privacy), look into updating it – unfortunately, WEP is outdated and easy to hack.
Disable WPS.
If it sounds too good to be true, it probably is. That’s certainly the case with WPS (WiFi Protected Setup), which allows users to access a network with a simple PIN or the push of a button. Both options are much easier to bypass than a strong password, leaving the network vulnerable. Be sure to disable WPS and remember to keep your router physically secure.
Consider turning off or limiting DHCP (Dynamic Host Configuration Protocol).
This is how IP addresses are assigned to the devices on your network – your router does this automatically. Limiting the range of possible IP addresses limits how many devices can connect to the network. Turning DHCP off completely means that you must manually assign an IP address to each device. However, since so many devices require WiFi these days, limiting or disabling DHCP may be impractical unless access to the network must be very tightly controlled.
The most critical step
The greatest weakness in any security system, including WiFi security, is its users. None of the above tools will protect your data if your employees are careless about security. Train your employees to use strong passwords, change them regularly, and never bypass firewalls or other security measures.
A final reminder
You might feel as though you don’t have anything worth stealing on your network. That won’t stop hackers from trying to break in! They’ll seize any opportunity to slip in and grab whatever data they can get. Be safe, not sorry – protect yourself by putting these tips to work.
