Wi-fi Security Made Simple
Failure to implement basic Wi-Fi security practices is leaving organisations vulnerable to digital security threats, yet there are simple steps you can take to increase your protection.
Separating guest Wi-Fi access
Free guest Wi-Fi is no longer a perk, but an expectation. Whether customers are visiting the bank or barber, their local coffee shop, museum, or department store, they expect to be able to find an internet connection. The same is true for business meetings. If clients or business partners visit, it is very likely they will want to be able to access their emails, calendars, and cloud-based files from your offices.
Guest Wi-fi Access is risky!
Allowing anyone from outside your organisation to access your company’s private Wi-Fi is risky. Not only could viruses and malware reach your network from guests’ infected devices, but it could also provide a hacker with a route into your company’s vital information and systems. As Wi-Fi becomes more powerful, it broadcasts further. Someone who has accessed your Wi-Fi previously could automatically connect to your network weeks or months later, without even being in your building affecting your wi-fi security.
For organisations of all sizes, creating a second Wi-Fi network for guest use is the safest solution. It increases security by segregating access to your company’s main network.
Changing default information
An alarming number of people fail to rename their SSID (wireless network) or even change the default admin password. This makes a hacker’s job much easier since the SSID often identifies the type of router. This gives potential attackers more information about your network which they can use to break into it. For example, a hacker can attempt known default passwords for specific routers.
Turning off Wi-Fi Protected Setup (WPS)
WPS is designed to make connecting wireless devices to a router quicker and easier. Rather than entering the wireless key, devices can be connected by pressing the WPS button, or by entering an 8-digit PIN, both located on the side of most routers. The thinking is that unauthorized hackers lack physical access to the Wi-Fi router and can’t press the button or see the sticker.
There are two reasons why this isn’t necessarily true. Firstly, guests on your premises are usually there with your knowledge, but you might not know they are untrustworthy at the time. They might be a customer, a salesperson, a delivery driver, a tradesman, a potential business partner, or posing as any of the above. All it takes is the press of a button, and an opportunist hacker could use WPS to pair their devices with your network.
The second vulnerability relates to the 8-digit PIN. With WPS enabled, users can enter the PIN to authenticate to the Wi-Fi router. It is more convenient to type 12345678 on a tablet or mobile phone than a more complex password, such as $hU7(&sw13%. Unfortunately, the simplicity of the 8-digit PIN has made WPS vulnerable to brute-force password guessing. Attackers will only need to make a few thousand guesses (taking just a few hours) and they can break in without having stepped foot inside your premises.
Protect your organisation from attack by switching off WPS after you have used it to set up your devices. It is also recommended to log-in to your router to see what devices are connected. If there are devices you don’t recognise, or more listed than there should be, you can investigate these and block their access if necessary.
If you need any help with your wi-fi security, please give us a call on 0844 586 0040. We are here to help