The expectations for a wireless network are so immediate that we often forget there are risks involved in its use. As a general rule, routers contain a variety of security holes that can leave your data exposed to experienced data hungry hackers and intruders. While any data theft is a serious issue, in a business setting it can be disastrous. If you’d prefer to be focused on your company’s growth and not its persistent security issues, follow these tips for a more secure network.
Your default password should not stay the same for a prolonged period of time. If it wasn’t changed when your router was set up, make the change as soon as possible. Default passwords are commonly known among equipment vendors and are, thus, easy targets for hackers to pick up on.
When choosing your Wi-Fi encryption, use only WPA2 instead of WEP. The reason for this is that WEP is very easy for hackers to break into, whereas WPA2 provides an improved AES-based encryption tactic for better security over WPA.
In that same vein, it’s also important to go with a complex passphrase that cannot be easily deciphered by a computer system. Newer software has made it a huge challenge for attackers to process intercepted wireless data packets to try and obtain a passphrase match. The secret to preventing such attacks is to use a passphrase of at least 25 characters that includes a mix of upper and lowercase letters, numerals, and symbols.
Staying consistent with passwords includes avoiding common Service Set Identification names for your network. It’s best practice not to use the default SSID, as well as common names that would be easily decipherable. Using a unique name creates a great challenge for hackers who would not be able to use one of their ready-made “rainbow tables” that work to find passphrases quickly.
If your router supports a Protected Setup, disable it immediately. The problem with the WPS is that its original use for adding new devices to a network has been co-opted by being printed on labels of WPS-enabled devices. This particular setup is more easily susceptible to a hacker attack and should therefore be disabled for your security.
Another easy way for hackers to infiltrate your network is to keep a static passphrase that guests and visitors would be routinely using. Guest networks come in handy for this reason. They are easily accessible to multiple users and have a passphrase that can be changed without affecting other devices.
If you’re confronted with the choice of using MAC address filtering or bypassing, we would suggest the latter. The Media Access Control address is a unique identifier for individual ethernet ports and Wi-Fi devices. While somewhat useful, its overall effectiveness remains in question as it is easy to fool a MAC address into providing access. It’s recommended to avoid using MAC address filtering unless you’re an experienced professional who understands what you’re doing. If done improperly, a misconfigured MAC address can create more headaches than the original setup.
Don’t make a hacker’s job easier by unintentionally enabling admin access to your wireless network. When you disallow access to your network, it sends a serious message to would-be hackers that you aren’t messing around with your network security and that they should look elsewhere. If you’re still concerned with your network’s security vulnerability, the next step is to go to a wired network, which further limits the access of a cyber or data thief.
For more questions on maintaining a secure wireless network, contact GMS Business Communications at 404-525-6216.