Why is your office WIFI still at risk?


Most people today are comfortable with using WiFi services. In today’s world with smartphones, tablets and WiFi enabled devices most businesses and individual users have learned to apply basic security to protect their Wifi from unwanted access however, there is more to WiFi protection than just having a complex passphrase.

Basic security for most home users means having a complex password. They don’t necessarily understand the difference between a security protocol, access control, bandwidth control or content control.

For example, when you ask the casual business or personal user if their network connection is encrypted, they say “yes, my password is 8 digits with capitals and symbols.” Though this is partially correct, the tech understanding behind it is different.

So let’s review the WiFi security elements that pertain to having a good secured WiFi connection:

1)Security Protocols – These are the elements that have the common names of WPA, WPA2, WEP etc. These protocols use a password combined with a randomly assigned portions to create an encrypted connection between your WiFi device and WiFi access point. WEP being the older technology is easily hacked and even WPA and WPA2 can be decoded by a hacker given enough time. For most personal use, the WPA and WPA2 levels are sufficient because in order for hacker to get in, they need to be within the signal range of the WiFi and if you are in a house or apartment, the range of signal is usually limited to your space. For Businesses, where individuals can publicly sit somewhere within your signal range, this has more risk. An evaluation of each protocol needs to be done to determine what best fits your environment.

2)In conjunction with a security protocol, the next level of access control is known commonly as MAC Address verification. Each WiFi device has a unique serial number that identifies it on the network. This includes laptops, smartphones, wireless computers/tablets or kiosks. Your router/firewall/WAP(wireless access point) can be programmed not only to require the security protocol password but also only allow a predetermined set of devices with specific MAC Addresses. This additional layer of security is a significant increase in defense because a hacker would need to know your MAC address as well as the password for the chosen protocol in order to gain access. Hacking a MAC address itself is very difficult, which makes combining both elements for your WiFi security very strong. The downside with enabling this feature is that you cannot easily give “wireless access” to your friends or clients for casual use. That is also why a lot of retail or public facing companies are offering a separate “guest” network which is not connected or is a separate zone from their work network.

3)Another element of your WiFi network is actually your bandwidth or “speed”. WiFi standards today can reach speeds almost as fast as standard wired(copper) networks. These speed classifications are termed with letters such as A,B, G and N. N being the newest standard and supporting the fastest speeds. The thing to keep in mind is that just like your wired connections, having multiple WiFi connections at the same time SHARES your bandwidth. Generally speaking, the more devices that are operating wirelessly, the less overall speed you will have. This especially applies to businesses using standard or minimum internet packages instead of top level or fiber based internet services. Most WAP and routers today have bandwidth control capabilities allowing administrators to choose how much speed they want to distribute to the WiFi connection and can even determine access times, user limits and peak/non-peak settings.

4)The last element of WiFi control for businesses which also applies to standard network controls is the ability to control what content is allowed to flow through your connection. This can be specific to websites, or can be used in conjunction with white and black lists and by categories. This allows employers and companies to control who accesses facebook, porn sites, game sites, email etc through their internet service. This usually combines with company policy to determine how much restrictions, if any is to be applied.

All these elements should be part of an overall company usage policy that is reviewed between management and IT for the best solution.

Feel free to contact us anytime about this article.

If you liked this article you may be interested in:

Top 10 scariest things about technology that businesses should know!

or

What is a Technology Audit?

Advertisements
This entry was posted in Opinion and tagged , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s