Because wireless networks are simple to set up and generally work without needing constant adjustment, they're easy to neglect. Yet for a hacker, your wireless network could provide the easiest route into your business data.
It's vital you protect your wireless network from unauthorised users. These 11 steps will help you lock it down and keep it safe.
1. Use WPA2 encryption
You probably know that you should protect your wireless network with encryption, so people can't connect without entering a password.
But did you know that different levels of encryption offer different levels of protection? Make sure you use WPA2, which is the most secure option for everyday wireless devices.
2. Turn off guest networking
If you have a guest wireless network, there's a good chance that it's unsecured. This makes it easy for guests to get connected. But it also makes life easier for hackers.
Unless absolutely necessary, it's best to keep guest networking turned off.
3. Change standard passwords
Many routers and other wireless devices share standard passwords. That means if you don't change the admin password on your wireless router, hackers can break in by entering the standard password.
Change this to a strong password. Use a combination of upper and lower case letters, numbers and symbols.
4. Change the standard network name
The name of your wireless network is also called the SSID. Often, this is set to the make and model of your wireless router.
If you leave this as it is, the SSID helps hackers identify your router, so they can try standard passwords or break in via known weak spots.
5. Hide your network's name
Most wireless routers allow you to turn off the 'SSD broadcast' feature. This means your wireless network won't show up when people scan for networks.
Instead, they'll have to know the network name in order to connect. And that gives you another layer of safety.
6. Track who is using your Wi-Fi
Most wireless routers maintain a 'device list' showing all devices that have been connecting to your network. Some will alert you when a new device connects.
Check this list every now and then. If it contains any devices you don't recognise, always investigate.
7. Switch on MAC address filtering
Every wireless device — like your laptop, smart phone or tablet — has a unique ID called a MAC address.
When you turn on MAC filtering, you can tell your router which MAC addresses should be allowed to connect. If a hacker's device isn't on the list, they won't be able to get in.
8. Isolate your devices
If your wireless router offers this setting, isolate the devices on your network. This means that although they'll be able access the internet, they won't be able to discover each other.
This provides another layer of defence. If a hacker manages to access your network, they shouldn't then be able to reach servers, computers or other devices.
9. Keep firmware up to date
Firmware is the basic operating system that tells your router what to do. Like the software on your computer, it may need updating now and again — sometimes to fix security problems.
Although firmware updates are not released as frequently as software updates, it's worth checking for them now and again.
10. Use firewall settings
Most wireless routers have some sort of firewall built in to protect your network from malicious attackers.
No matter how basic the firewall is, switch it on. It's certainly better than nothing. If you're in the market for a new router, perhaps pay extra for one with a more advanced 'stateful protection' firewall built in.
11. Use WPS with caution
WPS stands for Wi-Fi protected setup. It's a simple way to connect new devices to a wireless network. All you have to do is press a button on your router, then connect your device.
However, a major WPS security flaw was discovered in 2011. As a result, it's better to disable WPS and connect devices manually.
This post is by Adrian Case from Akita.