Wireless networks are both convenient and flexible, however if they are not properly secured they can make your company more vulnerable to outside threats. Here are eleven ways to lock down your business's wireless network.
Wireless networks are popular in small and midsized businesses because they are easy to set up and convenient to use. However, if a wireless network is not properly secured hackers within range can access it and infiltrate your network.
Here are eleven ways you can lock down your business's wireless network and keep hackers at bay:
1. Use a Strong Password for Your Wireless Router's Administrator Account
Many wireless routers ship with a default password for the administrator account. It is important that you change the default password to a strong one that is at least eight characters long. The password should include uppercase and lowercase letters as well as numbers (but not in a predictable pattern). When possible, you should also include special characters, such as percent signs and asterisks.
2. Change Your Wireless Router's SSID
A wireless network's name is called a service set identifier (SSID). Many vendors ship their wireless routers with the same default SSID. Keeping the default SSID might signal to a hacker that your wireless network is not properly configured and vulnerable to attack, you should change your network's SSID to a unique name.
3. Make Sure Your Wireless Router's Firewall Is Enabled
Most wireless routers have built-in firewalls, however sometimes they ship with the firewall turned off. Whilst checking the firewall settings it is a good time to also check your other security settings on your router. Your IT service provider can help you determine whether your firewall is properly configured.
4. Use WPA2 for Wireless Communications
Every wireless router offers encryption. Encryption scrambles your data and makes it unreadable, except by the recipient. Three common encryption protocols are Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), and Wi-Fi Protected Access 2 (WPA2). Using WPA2 is best as it employs the hardest-to-crack encryption algorithm. If you have an older router that does not support WPA2, you can use WPA. Do not use WEP as it is outdated and easily hacked.
5. Disable WPS If You Are Using a Consumer-Grade Wireless Router
It is not uncommon for businesses to use consumer-grade wireless routers. These routers often include Wi-Fi Protected Setup (WPS), which provides a user-friendly front-end for encryption protocols such as WPA2. With WPS, users can connect a device to a wireless network by simply pushing a button or entering a personal identification number. Hackers can exploit a vulnerability in WPS to gain access to wireless networks, if your wireless router supports WPS disable it.
6. Disable Your Wireless Router's Remote Management Feature
Many wireless routers have a feature that lets you manage them from a remote location. Unfortunately, it often leaves routers susceptible to attacks and for this reason you should disable remote management if you do not need to use this feature.
7. Make Sure Wi-Fi Sense's Network-Sharing Functionality Is Disabled on Windows 10 Devices
Windows 10 and Windows 10 Mobile include a feature called Wi-Fi Sense. Besides helping users find open Wi-Fi hotspots this feature lets them share their Wi-Fi networks without sharing those networks' passwords. Users can share their Wi-Fi networks with their contacts from Facebook, Skype, and Outlook.com, however Users cannot specify individuals within a group (e.g. within Facebook) — the network is shared with all the contacts in that group.
Although the contacts can only use the network to get online, you might not want your employees sharing your business's wireless network. If that is the case you need to make sure Wi-Fi Sense's network-sharing functionality is disabled on your Windows 10 and Windows 10 Mobile devices.
8. Consider Using MAC Address Filtering
Each device that is able to connect to a Wi-Fi network has a unique ID called a Media Access Control (MAC) address. You can configure your wireless router to check the MAC addresses of devices trying to connect to it, allowing connections only from the devices it recognises. Admittedly, it takes time and effort to enter the MAC addresses of all the devices allowed to access your wireless network, but your network will be more secure.
9. Keep the Wireless Router's Firmware Updated
Every wireless router has firmware. Firmware is software that gives the device its functionality. Like any other type of software firmware sometimes has bugs or security vulnerabilities. When you keep your wireless router's firmware updated, known bugs and vulnerabilities are fixed making your router more secure.
10. Log Out of the Wireless Router's User Interface
Most wireless routers have a browser-based user interface used to configure router settings. If you leave this interface open and someone gets access to your computer your router is vulnerable, so best practice is to always log out when you are finished configuration.
11. Protect the Computers That Access Your Wireless Network
Despite your best efforts hackers may still infiltrate your wireless network. For this reason you need to use security software (anti-virus/anti-malware) on all the computers that access your wireless network. In addition, you need to keep those computers' operating systems and applications updated so that known bugs and security vulnerabilities are patched.
Speak to the team
Enter your details below & we will call you back to discuss how P2 can help make IT simple.