9 Key Steps You Should Take to Secure You Business WiFi
It's hard to operate any sort of business or even connect with family and friends without a wifi connection. It's how you connect with clients, distributors, and every other aspect of your business.
If your business is just getting off the ground, you may think that paying for your own WiFi doesn't need to be a top priority. After all, you can take your laptop to the nearest Starbucks or McDonald's and sit for hours for free. While this is true, using public WiFi also creates all-new cyber threats that you wouldn't have to worry about otherwise.
If you're worried your business might be at risk, keep reading to learn 10 ways to secure your business WiFi before it's too late.
Types of Cyber Threats
When some people picture hackers, they think of the classic computer nerd, sitting in their parents' basement, eating Doritos and chugging Mountain Dew. However, most business hackers are far more malevolent than that. Some of the top hacking methods and security attacks include the following:
Using public WiFi means that the login information of you and your staff is open to anyone skilled enough to find it. Hackers can wait in hiding to intercept your information when you log in. Changing passwords is definitely a step in the right direction, but it isn't full-proof.
Rogue WiFi Attacks
Some hackers have enough skill to create entire WiFi networks for the sole purpose of stealing your personal and client information. Any network with the name "Free WiFi" or another vague title may be a trap set up for the unsuspecting remote employee.
Unsecured WiFi networks can also provide opportunities for hackers to plant malware in your network. It gets planted right into the coding of your software or spread through email. Malware can show its ugly face without warning and cripple the efficiency of your business.
Attacks Through Ad Hocs
An ad hoc is a person-to-person network build by separate laptops or computers. Many computers are set to automatically connect to others nearby. The original intention of the function was to make it easier to find updates and newer information.
But if a hacker joins this network, it can give them complete access to the files and data on your computer, too. If you don't know how to either protect your network or shut off this function, you're opening the door for hackers and thieves.
This particular threat doesn't have an immediate purpose, but it can still cause trouble down the lines. Often, hackers will have software that allows them to eavesdrop on the networks of remote workers who are using public WiFi. This gives them the opportunity to poke around in your company's data and take anything they want.
The "man in the middle" is a hacker who positions themselves between your employees and the point where they connect to your network. All they have to do is hack into the network that your employees are using and wait. Along with data and client information, it's another way hackers steal usernames and passwords.
Worms are like viruses, only much worse. A virus needs to attach to a particular software in order to be effective. A worm, on the other hand, merely needs to attach itself to a device in order to attack anything and everything on that device.
It can even infect (or burrow into) any other device that's on the same network. A virus or worm isn't planted to steal information, but rather to wreak havoc on a particular network.
Secure Your Business WiFi
All these threats can be detrimental to your business. We're providing 10 ways to ensure your WiFi network's secure.
1. Change the Network Name
The Service Set Identifier (SSID) is the name that the outside world sees on the list of nearby WiFi networks. When you first install your router, it will come with a factory-set name with its model type, like "Netgear" or "Linksys".
These names might seem harmless, but you need to change it immediately after installation. Every router gets broken into a different way. Letting hackers know the make and model of your router and other hardware gets them one step closer to stealing your data.
2. Find a Physically Secure Location
Despite the firewalls and other precautions you might have in place, bypassing a router's security can often be as simple as pressing the reset button as you walk by. Hackers are con artists, and they'll do anything to make their jobs easier.
Solving this problem can be as simple as placing your router in a locked office or out of the public's reach. It's also best to have a security camera on the router at all times in case there is a breach.
3. Update Your Firmware & Software
Firmware is software built into the router. Updating this software might not seem all that important in the beginning. However, using versions that aren't updated allow for weaknesses in security that hackers know how to take advantage of.
These updates are simple and will usually self-install once you download them.
4. Change the Default Router Login
Like changing the network name, this is another security measure that might not seem very important at first. The router login is the username and password used to log into your wifi.
There are lists of default passwords for router brands that can easily be found on the internet. Not changing your password and username on a regular basis can make you vulnerable to someone looking up your router's original password.
It's recommended to change information at the beginning of every quarter and every time someone leaves the company. This will keep your data safe from hackers and vengeful employees.
5. Set Up Private vs. Public Access
Allowing the public to use the same WiFi network as your employees is a recipe for disaster. Your average customer might only want to use your WiFi to check Facebook, but a hacker will take full advantage of the opportunity you've given them.
Use the SSID mentioned earlier to create two different WiFi networks; one for your customers and one for your employees. This will ensure that customers are happy and your business computers are safe from attacks.
6. Use WPA2
Your router will have multiple options for passwords and the default encryption protocol for them is called Wifi Protected Access or WPA. Older routers might have an outdated version called Wired Equivalent Privacy or WEP. The version is extremely insecure and easily hacked.
An easy fix is either updating your firmware as mentioned above or simply replacing the router altogether.
7. Double Up On Firewalls
Your router will most likely come with its own firewall to protect itself against outside attacks. But, these firewalls usually don't activate themselves upon installation. Make sure that your firewall is both activated and updated. Also make sure you are running a firewall that support advanced filtering at the application layer called deep packet inspection (DPI).
It's also important that your computer has its own separate firewall. If not, your software might be accessing the internet and sending out information that you haven't authorized it to. Most Windows 8 and 10 computers have their own default firewall systems.
8. Eliminate Rogue AP's
A rogue AP, or access point, is any unofficial access point to your network. These aren't always bad and are often created by employees who might not have good internet access in their office or from their laptop. However, these access points aren't often as secure as the rest of the network and can easily fall prey to attackers who track them down.
If your network is big enough that you might have a rogue AP without knowing it, it's best to do periodical access point scanning just in case.
9. Turn Off WPS
WPS, or Wifi Protected Setup, makes pairing a device with your network as easy as pressing a button on the router. But like the reset button, this feature can get abused if accessed by the wrong person. Without getting noticed, a person could simply graze by the router and immediately link it to their device.
This can happen even if it's an encrypted router. As mentioned above, it's best to keep your router in a secure location and out of the public's reach. In fact, it's better to keep this function disabled until its needed.
Ensure Your Business' Safety
If you have a small to mid-sized business, your security has never been more important. It's also the last thing you should have to worry about. You have more important things to focus on!
If you're ready to streamline your business wifi security but don't know where to start, Be Structured is your first step. We'll take care of all your IT problems so you can focus on what's really important: your business.