While the time-bound, tech-savvy corporations install Wi-Fi to meet the requirements of their busy working schedule, it’s time they realized that Wi-Fi network security is part of the installation procedure. Wi-Fi network security can be ensured during the Wi-Fi device installation stage itself, by taking the following precautions:
1. Place the wireless router internally: Place the wireless router inside your office so that it isn’t easily accessible to outsiders. You don’t want to make Wi-Fi network security settings only for someone to come and reset it. Moreover, if you place it at a strategic location, it would surely minimize signal spillage.
2. Change the default login and password: Change the default login and password assigned to your device. This will prevent any user connecting to the wireless device by making easy changes to the device configurations.
3. Enable encryption: It is recommended to enable encryption, preferably Wi-Fi Protected Access version 2 (WPA 2). Wired Equivalent Privacy (WEP) and other weaker encryptions have known vulnerabilities, providing easy access to wireless networks, resulting in Wi-Fi network security breach. Ensure that the passwords to these networks are complex and also avoid dictionary words.
4. Change service set identifier (SSID) name: Change the SSID name i.e. name of the network. If there are not many users, you can disable the broadcast of this name and manually enter it for every device/ user. Thus, you would be using a wireless network, without your neighbor knowing about it.
5. Enable firewall: Enabling the device’s firewall capabilities is important to ensure Wi-Fi network security. Most devices come with firewall/access-lists.
6. Switch off device when not required: Don’t forget to switch off the device when not in use. This is important for Wi-Fi network security, especially when you are away from home/ office for long.
7. Facilitate media access control (MAC) filtering: The advanced users may also want to enable MAC filtering to avoid Wi-Fi network security breach. This would mean only certain devices whose hardware addresses are supplied to the device, would have access to the network. Update device firmware and review logs for any unauthorized access.
These measures if implemented while setting up the Wi-Fi device are sufficient to ensure Wi-Fi network security. However, the administrators should make sure that the benefits of wireless connectivity are not affected.
About the author:
Karan Ingle is a security consultant at Mahindra Special Services Group (MSSG). He has managed multiple IT Security projects dealing with vulnerability analysis, enterprise wide penetration testing, network/system forensics and web application testing.
This was first published in January 2011