Wi-Fi routers, while convenient, are hardly secure. You need to enable encryption to ensure that others don’t mooch off your connection. Best case scenario, they may be harmless freeloaders who just browse, email and then log off. Worst case scenario, you may be opening yourself up to hackers and spammers.
So how do you protect yourself? Here’s how:
- Choose the correct Wi-Fi security: Different protocols like WEP, WPA and WPA2 offer different levels of security. Of these WEP is the weakest, and may only thwart the freeloaders. WPA (Wi-Fi protected access) is stronger and WPA2 offers the best protection. To make your Wi-Fi security iron clad, you can enable both WPA and WPA2 in either Personal or Enterprise modes. You can use the latter if your organization has more users. Though more complicated to set up, it’s easier to maintain and more secure. Users on your network cannot spy on one another as the encryption keys are unique to every user’s session. Also, if employees leave, you can easily change the passphrase for that specific device and user. Otherwise, they would be able to gain access to your network later.
- Use a strong passphrase: I cannot stress on the importance of this enough. Use words not found in the dictionary, and use a combo of uppercase and lowercase letters, and numbers, and make the passphrase a little long.
- Change your network name: Using default names, makes it easier for hackers to enter your network and access your info. Use a unique name without revealing much info.
- Hide SSID: This will make it possible for you to hide your network name from the list of available networks. So when someone searches for networks, if yours is not displayed at all, it reduces unauthorized access considerably.
- Careful with Device Authorization Lists: MAC address filtering makes sure that devices that are not listed as authorized to use your network, cannot gain admission into your network. Problem is, these ‘authorized’ addresses can be easily forged by hackers. Therefore, don’t rely on this method of protection.
- Out of the office: when on public hot spots and other un-trusted networks, employ a VPN (virtual private network) connection. This secures your net traffic by transmitting it to your VPN server through an encrypted channel. This will prevent local snoopers from hijacking accounts or cracking your passwords. You could consider hosted services if your organization doesn’t offer VPN access. While there are several free ones available, paid services like Comodo TrustConnect are more reliable. In case you do not use VPN access, you need to ensure that websites you visit are encrypted. Access sites only thru browsers and try using SSL/ HTTPS encoding. You will see a padlock icon on secure sites, like banks for example.
- Never proffer your business Wi-Fi connection to guests: Offer a different Wi-Fi connection to unfamiliar persons, in the event you HAVE to offer them some connectivity. Ensure you have a separate network and the access is separated from your main network so that they will not be able access your devices, files or even eavesdrop on your traffic.
- Physical Security: Ensure that the wireless router and the access points are protected from visitors. Any person could easily connect to your network if it’s accessible and do whatever they want. For example you could place your equipment high on the wall or in spaces where outsiders are not permitted.
This is a guest post by Eve Zaremba of xfinityonline, a site that offers savings and current information on xfinity internet. for more info.