Posted on Thursday, October 26, 2017
If your wireless network is not configured properly, unauthorized users could be reading your e-mails, browsing your files or connecting to your network as effortlessly as you do. A few simple precautions reduce your risk of being a target.
Wireless networks are one of the leading frontiers of information technology -- and information convenience. You can log in with a wireless laptop or handheld device anywhere, anytime, without worrying about details like cords or plugs or jacks.
Unfortunately, the wireless technology frontier is not without its outlaws. Groups of hackers are “war driving” the streets of every major city and using wireless laptops and special software to search for unsecured access points. They either use these open airwaves for their own purposes or post their locations on Internet sites for others to use. Sometimes, they even mark the sidewalks or walls nearby with symbols to alert other war drivers to easy targets.
This kind of theft puts your computer data at risk. Even worse, it jeopardizes your institute’s network and the systems and data of everyone on it. For these reasons, it’s important to remember that while wireless networks may be wireless, they still have strings attached for maintaining information security.
Why are wireless networks so vulnerable? The portability and flexibility that make wireless networks so attractive is a double-edged sword. Because the organization’s communications medium is accessible without a direct connection, anyone in the organization can log into the network from almost anywhere. Unfortunately, so can others if certain precautions have not been taken. In addition, the devices primarily used to access wireless networks -- laptops and handhelds -- are easily stolen and can reveal sensitive information.
What security risks are associated with wireless networks? As with any computer network, a breach of security on a wireless network can result in viruses; identity theft; loss of confidentiality for the organization, its users and its network; loss of data integrity; and the threat of denial of service attacks. Even if data confidentiality and integrity are not compromised, unauthorized users may steal bandwidth and cause a decrease in network performance.
How can I lock down my wireless network? Protecting your wireless network requires many of the same precautions that any network requires: choose and use secure passwords for screen savers and sensitive files; use encryption software as added protection for sensitive files; and back up data frequently.
When a network is wireless, however, some additional security measures are necessary to make you much less of an easy target. For example, system administrators should separate the wireless network from the rest of the network by treating it as “hostile” and placing it behind a small firewall or other similar device. The firewall should be configured to allow only Web and other limited services through. In addition, many wireless access points have built-in servers to provide Internet Protocol (IP) addresses to all those wishing a connection. System administrators can turn this server off and configure the wireless access point to accept connections only from specific clients.
At the individual level, you can change the default password, security and broadcast settings on wireless devices. The companies who sell these devices want them to be easy to use right out of the box. In many cases, they switch the security systems off by default, set a default password for the wireless router, and configure wireless access points to broadcast their service set identifiers (SSIDs) to make it easier for users to identify and connect to them. If you leave these settings as they are, it may be easier for you to access your network but you will also leave the door open for someone in the next office or even the parking lot to get into your system.
Last but not least, you can also enable and use the Wired Equivalent Privacy (WEP) authentication and encryption systems included with your wireless device. Although this encryption method has already been broken into, it should make your system sufficiently secure in most situations when used with the suggestions above.
If you feel you require additional protection, explore the possibility of encrypting all traffic sent wirelessly u sing a Virtual Private Network (VPN) with your system administrator. This does not come standard with any wireless equipment and must be implemented using third-party hardware and software.
Can I relax if I take these precautions?
As with any information security measures, you always have to stay one step ahead of the people who want to break into your system. Stay informed of changes to security standards and features, as well as new threats and vulnerabilities. Label and keep inventories of the wireless and handheld devices in use. Test and assess the security of your wireless network periodically.