Tips to protect your business' cordless network
Enamored by Wi-Fi's convenience, we tend to be blind to its threats. Many routers are riddled with security holes that leave your data exposed to enterprising hackers and other intruders. And if you're running a business, the jeopardy is even greater. To keep your wireless network secure, follow these eight security tips.
Change the default password
If you didn't do it when you established your router, instantly alter the default password. This is a vital step considered that the default passwords for all network equipment suppliers are widely known and just a quick search away.
Use only WPA2 file encryption
The unidirectional nature of Wi-Fi signals demands using encryption to prevent next-door neighbors or harmful parties from spying on your online activities. Despite the fact that the alternative is still readily available for legacy reasons, prevent WEP encryption as it can be cracked in minutes. Usage just WPA2, which presents a brand-new AES-based encryption for much better security over WPA. There's actually no excuse not to: Every Wi-Fi router bearing the Wi-Fi trademark today supports it, as does every cordless device and Wi-Fi adapter card made in the last few years.
Utilize an intricate passphrase
Regardless of the lack of known weak points in WPA2, it is vulnerable to strength attacks when utilized with an easily thought passphrase. Specialized software application makes it trivial for assaulters to process recorded wireless data packets against big dictionary lists to obtain a match. To foil such attacks, use a passphrase including at least 25 characters consisting of a mix of letters (upper and lower case), characters and symbols.
Prevent common SSID names
One typical suggestion is to not relay the SSID (Service Set Identification). While this could be used to throw off novice efforts at breaking in, concealing the SSID is worthless against a half-competent hacker.
Nevertheless, it's good practice to not use the default SSID, in addition to common names. Hackers have established pre-computed tables of password hashes referred to as a "rainbow table" to discover the WPA passphrase quickly. These tables are keyed to individual SSIDs, and using one that is not on the list would force an opponent to adopt a more time consuming method without the advantage of a ready-to-use rainbow table.
If your Wi-Fi router supports Wi-Fi Protected Setup (WPS), disable it. Created as an easy to use method for users to include new gadgets to their network, the WPS PIN is an 8-digit number printed on the label of WPS-enabled devices. Depending upon vendor implementation, nevertheless, it is likely to be prone to strength attacks.
WPS makes it easier to include gadget to your network, however it likewise makes your network more vulnerable.
An assaulter can break the PIN code of a susceptible device with in between 4 to 10 hours of automated effort, which would permit them to recover your secret passphrase and make changes to your Wi-Fi hardware.
Establish a guest network
It would be bad form to reject buddies and relatives access to your Wi-Fi network when they're checking out. But distributing the fixed passphrase to everyone is bad security. Rather, set up a different wireless network under a 2nd SSID, a function supported by an increasing number of cordless routers. Having a separate network for guests permits you to consistently alter the passphrase without impacting your very own gadgets. You can even disable it totally when not in use.
Forget MAC address filtering
The MAC (media access control) address is a distinct identifier hardcoded to specific ethernet ports and Wi-Fi devices. Nevertheless, the actual efficiency of this is dubious, because it's unimportant to spoof a MAC address.
Many Wi-Fi gain access to points will enable you to filter out unauthorized MAC addresses, though the security advantages are dubious.
Unless you understand what you are doing here, we would prompt against using MAC address filtering due to the inconvenience and hassle that can result from a misconfiguration. Furthermore, having to manually add each and every single tablet or smartphone that you get is a performance downer.