Failing to set policies, leaving your access points vulnerable, and settling on a password that's too obvious can lead to worries on your wireless network.
Who doesn’t love the convenience of an in-house wireless network? You can tote your laptop to a colleague’s office, a conference room, even to the cafeteria -- as long as those places are within range of your system’s signal -- and still get your email, retrieve documents on company servers and even access the Internet.
And who hasn’t heard about the headaches inherent with all that openness? A few complaints involve performance: For instance, most networks have some “cold spots” where the wireless signal is weak or non-existent. But for most businesses, the biggest concern is security. Or, more precisely, the lack of it.
Like cell phones, wireless networks rely on radio waves; like cell phones, they’re simply more vulnerable to certain security problems than their wired counterparts are. While security standards have grown increasingly more stringent in recent years, corporate wireless networks remain vulnerable to a variety of threats. Among them: Computer viruses and worms. Hacker intrusions. Nearby outsiders who hop, uninvited, onto your network, using your signal to access the Internet for free. (A few years ago, I had a contract job at a struggling company that didn’t have its own wireless set-up, but its employees could easily piggyback onto a neighboring business’s unsecured wireless network. Nobody was interested in their host company’s data; they just wanted to surf the Web for free. And they did. Regularly.)
Protecting your wireless network starts with an obvious step: Invest in a firewall, a virus-scanning program, and intrusion-detection software. Use them at their highest-security settings. Update them regularly -- automatically, if possible. And make sure your IT team is using the most recent security protocols (usually expressed as some combination of the number 802.11, followed by a letter), which are more secure than earlier iterations.
Beyond that, avoiding these common mistakes can help strengthen your network’s security, keeping your information safe and your employees productive:
Using easily cracked passwords. Too many organizations use group passwords that a fifth-grader could figure out. Common ones include: The company name or a slight variation, (such as “WidgetCorp”), a logical sequence of letters and numbers (such as “abcde12345”), one number repeated multiple times (such as “777777777”) or the company’s main switchboard number or mailing address. Experts say some businesses never even bother to change the wireless network manufacturer’s default password -- which a savvy crook can find almost as easily as that street address or phone number.
You’ve heard it before, but it bears repeating: Opt for less-obvious passwords, both individually and as an organization. Don’t use names. Don’t use recognizable words -- hackers typically have software programs that cycle through electronic dictionaries trying one possibility after another until they hit the right one. Use a seemingly random group of letters and numbers, but watch the length. If it’s more than about 10 characters, some people will write it down to remember it, possibly even posting it on or near their computers. That’s like putting a key to your house in an envelope marked “Key to the House” and leaving it right outside the front door.
Leaving entry points vulnerable. Jonathan Hassell, an IT systems consultant based in Raleigh, N.C., says a wireless network’s weakest spots are the places where legitimate outside users can get into your systems. Those points -- such as virtual private network (VPN) connections and remote-access servers -- are also the places most likely to attract unwelcome visitors. Hassell, author of Hardening Windows (Apress, 2005) recommends having your IT team or a security specialist “harden” those points -- that is, provide them with state-of-the-art protection against hackers, viruses and other external threats. And don’t forget that every computer on a network also serves as an access point. Encourage employees to turn off their machines whenever they’re not in use.
Failing to set policies. The world’s best security measures won’t work if employees don’t cooperate. For instance: Wireless networks are so inexpensive and easy to use these days that in some growing companies, forward-thinking employees simply set up their own little networks for small-group collaboration. You need to consider whether such “private” networks are acceptable and, if so, determine whether they’re properly secured. It’s also important to establish rules about who can use your company’s main wireless network. For instance, do you want to provide visiting consultants and contractors with access?
Finally, when you travel, pack the same precautions. Be especially careful about transmitting confidential information over a wireless network in a public place. Travel writer Christopher Elliott relates that while he was using a hotel’s wireless network, someone snagged his email account password and nearly succeeded in sending an obscene message to the 21,000 subscribers of his email newsletter. “It’s the last time I’ll send any sensitive data” wirelessly, Elliott wrote in describing the experience on a Microsoft-sponsored site for small businesses. Just as with cell phones, when you’re on a wireless connection in a public place, your best bet is to assume that somebody might be eavesdropping.