By its nature, wireless is much more unsecure than wired technology.
When information is transmitted between a device and access point over a wireless network, it's much more susceptible to interception by anyone within that range. With wireless being such a prolific technology these days, there are lots of people — and not all of them need to be threat actors — who can and will eavesdrop on your wireless networks.
The InfoSec Institute agrees with that assessment: "With abundance of automated Wi-Fi hacking tools such as ‘Wifite’, it no longer takes a skilled attacker to breach Wi-Fi security. Chances are high that one of your tech-savvy neighbors would eventually exploit a poorly configured access point. The purpose may or may not be malicious; sometimes it may simply be out of curiosity. However, it is best to be aware of and secure your Wi-Fi against attacks from such parties."
Bearing that in mind, here are six useful tips that make up the basics of wireless knowledge for every employee.
Wireless Security Essentials for Your Company and Home
It's likely that venturing into wireless territory is not a new endeavor for you. Though business environments are more likely to still contain wired technology than are personal environments, the costs to replace can be high and the desire to maintain those wired connections low.
6 wireless security essentials every employee should know. Click to tweet.
Be careful about what you transmit
It's important to get the mindset straight. Always take the healthy paranoia route: assume that someone is listening to what you're transmitting. Think about it this way: you don't say your password out loud. Put yourself in the mindset that transmitting data over insecure wireless is like speaking classified information while someone without security clearance is in the room.
Understand the ever-increasing threat
There are a lot of tools those nosey people or threat actors can use to access and eavesdrop on your wireless network, and the list of resources and tactics just keeps growing. Think about that with regard to how your security practices must also adapt to keep up.
Be aware of all wireless devices in your area
You could buy a printer that was already configured for wireless use, and never realize that all of the information you sent to the printer could be intercepted. So it's up to you to be knowledgeable about the devices on the network, and somewhat aware of the vulnerabilities in these devices.
You don't necessarily enlist outside consultation services to understand this and protect yourself, but Twinstate encourages everyone to at least access information from industry experts on a regular basis. They'll have the most current information. And usually contact info is available, so in a short period of time, you could find someone that can help you out.
Check your configurations
When you purchase a router, the basic information to get it up and running has been published on the internet already. That's why you need to understand and change your configurations. So often, people just forget, as we can be caught up in our mission: getting connected to the internet. But you need to focus, too, on changing your password to something complex and your SSID to something that doesn't reveal too much about who you are or your business. For example, using "MyDogRover" as your SSID and "Rover1" as your password will not make a good combination. Using something like "ABCCompanyFloor1" is also unambiguous. You only want people to connect who should actually be connecting, so reconfigure and keep it smart.
Use strong encryption
The next major wireless security essential is, of course, encryption. There's usually an option to add encryption to your new device. Twinstate suggests choosing WPA 2. Consult your device's manual for more information about how to set this up.
Stranger danger: Avoid public Wi-Fi or Wi-Fi you don't know
It's nice to sit down in a cafe and do work sometimes. But you can't trust your local shop's internet, which means you shouldn't use it all. If you do need to do work in public, you need to connect to your virtual private network or VPN before transmitting any login data.
You'd be surprised how many people remain unaware of this threat. In fact, a Symantec survey released earlier this year showed that 87 percent of U.S. consumers have used the readily available public internet.
In addition, you can't connect to just any Wi-Fi. Even if a network might be named similarly to your own network, you should always do a double take. It's simple for a threat actor to mimic the name of your network, or maybe to create a network name one character different from your own. So when you think you're connecting to KellyHome you're actually connecting to Ke1lyHome. Making the distinction before you connect is always a smart move. Another similar scenario: what if you're in a giant office building and you accidentally tap on or click the wrong wireless network altogether, but it's insecure. You could connect and start transmitting (even to a competitor!) without knowing it.
Stranger danger: Avoid public Wi-Fi or Wi-Fi you don't know. Click to Tweet.
Maintain Your Wireless Security Resources
The last wireless security essential is one that you can't just implement and walk away from. It's ongoing. It's "knowing your resources." Sign up for as many security newsletters as you can. Create a list of reputable security websites and research firms, such as SANS, or Naked Security from Sophos. Getting information from these sources can help you understand how to stay adaptable and when there's an immediate or emerging threat.
Read More:
Originally published on 01/05/2017
Topic: Cybersecurity, Network Security, Firewalls & Network Security