For some reason, the majority of people are completely blind to the risks of their business’ wireless network. Many routers are full of security holes meaning your data is left exposed to hackers who are out there to jeopardise your business. Today we will give you some steps, and if followed correctly, will be sure to decrease your chances of being hacked.
Passwords - Hopefully when your new network was installed, you immediately changed the default password. If not do it now! Companies usually set only a few default passwords for routers, meaning that your password is easily accessible and only a quick internet search away. Despite this, don’t use an easily guessed password either. Use a password containing at least 8 characters including a mix of letters (upper and lower case), numbers and symbols. Using these will remove the ease of hackers attacking your network.
WPA2 Encryption - Although still available, avoid using WEP encryption as it can be easily cracked in minutes. Only use WPA2, which introduces new AES-based encryption for greater security over WPA. All wireless routers that contain the WiFi trademark support this, so there isn’t any excuse not to use it.
Common SSID Names - It is good practice to avoid using the default SSID name. Hackers have developed pre-computerised tables of password hashes known as a “rainbow table” to find the WPA passphrase quickly. These tables are keyed to individual SSID’s and using one that is not on the list would force an attacker to adopt a more time-consuming approach without the benefit of a ready-to-use rainbow table.
WPS… Disable It! - Your wireless router may support WPS (WiFi Protected Setup). It is used for an easy way to add new devices to the network through an 8-digit WPS PIN printed on the back of the router. But because of this, it means that it is suspectable to brute force attacks. An attacker can crack the PIN code of a vulnerable device between 4 to 10 hours of automated effort, which will allow them to recover your secret password and make changes to your WiFi hardware.
Guest Networks - When you have visitors to your business premises, you need to offer them free WiFi. This ensures that there visit is a little more enjoyable and it works favours for your brand image. However, offer this with precaution. Instead of circulating the same password to all of your guests, create a separate wireless network under a second SSID. This is a feature which is supported by a wide range of wireless routers. Having a separate network for guests allows you to routinely change the password without affecting your own devices. You can also disable it completely when it is not in use.
Admin Access - A determined hacker is likely to ruin your system no matter how good the security. That said, you shouldn’t be making their job easier! Disallowing administrative access from the wireless network should keep any successful hacker from wreaking further havoc by making changes to the configuration of your WiFi router. Obviously, this means that any tweaks to your WiFi router will have to be done from a PC on a wired local area network. But the added protection is worth the hassle.
If you would like further information or see how we can help you with our wireless networking services, please get in touch. Telephone: 01604 259467 Email: firstname.lastname@example.org