The best way to stop a cyber security attack is never let them in, in the first place, and wireless security is often overlooked. We’ve blogged about Cyber Security in the form of applications that can help detect hack attempts, software that we deploy that provides Disaster Recovery in the event of an attack, but what about stopping criminals from ever accessing your network? It should be a given that you wouldn’t allow strangers off the street to walk into your office, plug in a network cable and start using your business network, that’d be like giving away your bank details to strangers? So if someone walked into your office and tried to plug a cable in, you’d stop them, kick them out, shout obscenities at them, right? Well, are you thinking about how far out your office wireless signal reaches? Do you have a café the ground floor below you and does your wifi extend down that far? If so, what are you doing to monitor wireless network join attempts? Would you even know if someone joined the office wifi that didn’t have the right to?
A best practice for wireless security is to present a Guest Wireless network, password protected like your office/admin wireless network, perhaps a less strenuous password so legitimate guests can type it in without needing twenty fingers and thumbs to key in all the characters, but a separate guest wireless network all the same, and have “Guest Policies” enforced (the government are, so should you?). A “Guest Policy” for a wireless network would prevent any devices joining the guest network from being able to communicate with any other devices on the network, both guest and admin. A guest joining a guest wireless network should be able to gain access to the internet and nothing else, we often refer to this as “Ring Fencing”. Imagine an invisible fence surrounding a device joining your guest network, acting as a barrier to the rest of your network; they can’t see your data, your admin laptops, or other guests devices, just the internet.
In reality, there’s no reason for this Guest and Admin wireless network split not to be implemented at your home address too. Do you take your works laptop home with you? And you join it to your home wifi right? So you’ve got private company data stored on the laptop, or at the very least company data is accessible via your computer, but you have guests coming and going from your home address, all with potentially infected, hacked and corrupt mobile phones, games consoles, tablets, laptops and who knows what else all desperate to hop on to your wifi to save using all the data on their 4g contracts. Why expose your secured devices to those high-risk devices? It doesn’t take much to up your home wireless security, most modern routers can present multiple wireless networks, and have guest policies built into them that can be applied to a guest wireless network.
So you’ve got a guest wireless network, and a separate admin wireless network? Excellent! Are you watching who, what and when devices join either of those networks? As I said above, if someone walks into your office and tries to plug into your network you’d turf them out. Surely you’d want this for your wireless also? In some up-coming blogs, we’ll provide an overview of some services we offer that can provide you with the tools to monitor your network activity, even giving you the power to block devices trying to connect that are unknown to you.
Cyber Security extends beyond what you can see and touch, don’t overlook your wireless security. If we’ve struck a nerve and you’d like to discuss any of the above further with us please get in touch, for what we do today secures your business for tomorrow.