CNet posted an article today on Wi-Fi security, Security from A to Z: Wi-Fi, pointing out that 26 percent of wireless networks used by business networks in the City of London are unsecured, and 22 percent of access points still have default settings, making them vulnerable to hackers. This is an astonishing percentage of unsecured wireless networks considering the intellectual property risk.

Prudence is required when setting up a corporate wireless network, but the risk can be out weighted by implementing the property security measures. I have recently been involved in setting up a company wide wireless network in which we applied multiple levels of security giving us complete confidence for our data’s security.

The first, and most basic, level of security was password protection. Here we applied the router’s integrated protection using a pre-shared key (WPA-PSL/WPA2-PSK) with data encryption. With the increasingly availablity of tools to hack this level of security we didn’t feel safe stopping here. The second level of security was to disable DHCP and require the proper LAN configuration. Last, but not least, we wanted to push the security to a hardware level by applying MAC address filtering. These layers required additional work from a network administration perspective, but the additional security applied makes it worth it.

Applying these three layers of security we feel more secure in opening our network to wi-fi. My only remaining fear lies in the security of the wireless router as the network is as only secure as the access to the router itself. If you have additional suggestions or comments on securing a wireless network please leave a comment below.

One Response to “Securing your Wi-Fi Access”

  1. Alena Says:

    Congratulations on your new business!For a small ociffe network such as this I would suggest the following.Obtain a static IP from your internet service provider (ISP).ISP connection to the WAN port on a firewall.LAN port of firewall to your router.Get a router with switchports on it so it serves the purpose of the router and a switch all in one.Connect the PC’s and web server to the switchports.You’ll want to configure vlans on the switch and the router so your firewall is in a separate network then your PCs. Doing this lets you configure the firewall so traffic that comes in from the internet can get to your web server but not to your PCs. Your PCs will still be allowed to initiate connections to the internet.

Leave a Reply