Let's get back to basics today.
There are few issues more important when dealing with the Internet and WiFi than network security. The ease-of-access that WiFi provides also opens up huge potential security issues, since theoretically anyone within range of your routers might be able to gain access to your system, authorized or not.
Plus, given how strict data protection regulations are in many industries, especially when dealing with customer data, system security isn't simply a good idea. A security breach can easily snowball into a multi-million dollar expense, depending on the scope of the intrusion.
So, let's run down some common ways you can help secure your network!
Most of these tips are as true for enterprise users as for home PCs. In fact, as telecommuting becomes more common, it's often necessary to ensure your home network is as secure as your business network.
1 – Use WPA2
Since 2006, WPA2 has been the standard in WiFi security encryption, being both faster and safer than the original WPA standard. Except under extraordinary situations involving legacy devices, there is simply no reason not to use WPA2. In fact, if you're still using a router that only supports WPA1, we quite honestly suggest that it's long past time for an upgrade. The older standard is simply too vulnerable to be used in any serious capacity these days.
2 – Do NOT Use WPS
Easily confused with WPA 1 or 2, WPS stands for WiFi Protected Setup. In theory, it was a standard that allowed wireless devices to quickly and easily connect with each other, often at the touch of a button. In reality, WPS has been shown to be extremely vulnerable to intrusion, with a variety of methods that hackers can use to break through the security – even using brute-force techniques.
While some individual vendors have custom WPS implementations that are more secure, as a general rule, it's just not worth the miniscule extra convenience. Just use WPA2.
3 – Change Your SSID
Most people already know to change the password from the default, but many users don't think to change or hide the SSID of their WiFi routers. While not directly related to security, having a default SSID is basically putting a bullseye on your network.
Because (unfortunately) many users, especially at home, change neither the SSID nor the default password, a default SSID ultimately encourages hackers to try to break in. Preventative medicine is a good idea, and custom SSIDs are a quick and easy way to discourage people from probing your defenses.
4 – Filter Your MACs
Every device connecting to a network has a unique MAC address, acting something like a digital fingerprint. One of the most robust ways of securing your system is to simply disallow connections from any non-recognized device. The downside to this, of course, is that every MAC has to be entered manually, and it prevents guests and visitors from logging on without first talking to a SysAdmin.
As an alternative, many vendors also offer software options that monitor the devices connecting, and send alerts to you when a new or unrecognized device connects. This often creates a good balance for those who need easy guest access.
5 – Virtualize Your Network
A modern virtual network offers much more robust security. On older setups, someone requesting access gains partial access to a router while it “phones home” to verify their credentials, allowing their foot in the door.
Virtual networks, such as those set up through ADTRAN BlueSocket systems, distribute the security system across the entire network so that every device is able to independently verify credentials without that insecure intermediate step.
If you have more questions about your WiFi security, please don't hesitate to drop a message below, or give us a call to talk about it!