Six Steps to Securing WiFi in a Small Business
In my job at SonicWall, I talk to a lot of people about IT security. One thing I hear a lot of the time from small business owners is something along the lines of “Why would anybody target me? I am just a small company. They would much rather go after big companies.” While this is very true for highly targeted attacks, where a highly motivated and funded attacker is going after a well-known entity, it is simply not true for the majority of attacks which are much more opportunistic in nature.
Let me give you an example. Let’s say you own a local insurance agency in a retail complex. You rely heavily on your computer system to connect to the insurance company and share information about the policies that you need to write. In the business, we call that “private customer information” and it is what you need to protect. Now, let’s assume you have a broadband connection and a consultant who has helped install and maintain your network including the security component. So far, so good.
Next, you decide you would like to add WiFi to your network so you and clients can connect more easily. You decide to go down to the local box store and purchase an off the shelf consumer class wireless access point and connect it to an open port in your office. You skip quickly through the startup menu choosing “quick start” and are up and running in a few minutes. Great, right? Not so fast. Most likely some of the steps you skipped over had to do with securing the wireless traffic, but that is difficult and requires some thought so you decided to do it later, which never happened.
At this point, you have a very secure wired network and an unsecured wireless network. Now, next door is a fast food restaurant with a lot of teenage kids who rotate in and out based on the season. One of them happens to be a wanna-be hacker, who notices a wide open wireless network and decides to investigate. She finds that she can connect to the wireless network and not only get wireless access, but also see the files on your computer, because you allow file sharing! And worse, she can see the private customer information that is so important to not only your local agency but also the nationwide company. And in a fit of teenage rebellion or altruism, she decides to download the customer data and then sends it to the nationwide agency to show them that one of their agents is not being responsible with their customer’s data. That is known as white hat hacking, and she is actually doing your insurance company a favor. Imagine if a neighbor with less noble intentions had been able to extract the data.
This is just an example, illustrating why wireless security is so important. Here are some tips to help you keep this fictional scenario from becoming a reality.
- Utilize a firewall with integrated wireless security that simplifies the implementation of wireless network security.
- Leverage deep packet inspection on the firewall to scan all traffic to and from the wireless users’ computers for viruses, malware and intrusions that may have been brought in from the outside.
- Since many websites are now leveraging SSL encryption to protect user data, make sure that your wireless network security solution can decrypt and scan encrypted traffic.
- Look for wireless network security solutions with wireless intrusion detection and prevention to block rogue access points and minimize the disruption from denial of service attacks.
- Apply application control to block unauthorized applications from being used on the wireless network.
- Set up a secure wireless guest network with encryption for your guests if you want to allow your customers to use WiFi in the lobby or conference rooms.
This is just one hypothetical example of what can happen if you don’t take security seriously. To learn more about wireless security, here is a quick and easy infographic with more information on this important topic.
Follow me on Twitter: @johngord