In last weeks’ column I discussed one possible implementation of Wi-Fi in a business network. By using an Access Point (AP), mobile workers can access network resources at the office, without using wires. This makes them more flexible in using office space at your organization. However, to have a successful installation of an access point, you must configure security properly. I am going to discuss the methods of doing this; however, you should consult your local technology provider about their implementation recommendations.
For this column, I am going to talk about some of the security features built into the Linksys Wireless G router (which I happen to use as an access point for my network). By the way, the methods of securing this device are similar across all of the different Wi-Fi manufacturers.
First, let’s start with defining the word ‘secure’ as it relates to Wi-Fi. When securing an access point, we aren’t just referring to the administrator password to get into the device. Yes, this is a necessary task and you should change the default password on the device so that it isn’t easily attained. Too many devices are out there on corporate networks with the default passwords still in tact. Don’t be one of those easy targets for prying eyes!
But, to truly ‘secure’ the device, we need to encrypt the information that is passing through the air. Unfortunately, many of the devices available do not do this by default. That means, out of the box, a Wi-Fi access point may pass information to the computer that can be captured by an unauthorized 3rd party. Additionally, by not configuring the security on the access point, the Wi-Fi device remains ‘open’ allowing anyone to connect to it. That is a serious security ‘no-no’ in the corporate world. You don’t want the guy next door to use your Internet connection and possibly see your Quickbooks data as well do you?
So how do you secure the device? OK, get ready for some more acronyms, WEP & WPA…I will do my best to decipher. In the Linksys router I am referring to, there are 2 different methods, WEP & WPA. WEP, or Wired Equivalent Privacy, is the most commonly seen security method among small office and home offices. This method uses a key, usually 26 hexadecimal characters, to encrypt and decrypt the traffic between the computer and access point. However, there has been information released that shows WEP to be flawed and open to being hacked if someone really wanted to get in. It isn’t as secure as the next method that I am going to talk about which is WPA.
WPA (WPA2 on some devices), or Wi-Fi Protected Access, was created to plug the security holes in WEP. In a nutshell, it is the best method to securing the access point and ensuring encrypted data that cannot be compromised. Now, I could go into more detail than you would ever want to know about WPA but I recommend you go to wi-fi.org and learn about all of the topics I am covering here. One disclaimer to WPA is that devices such as a TiVo (or even some of the latest pc’s) may not support WPA. Some manufacturers have software updates that you can apply to these devices so they will support it. This is a headache in the home office where you are using Wi-Fi for both your home electronics and your office machines.
One additional step, that many secure networks will employ, is disabling SSID (Service Set Identifier, or the name or your Wi-Fi network group) broadcasting. I promise not to get too ‘techie’ here but simply put, your newly installed Wi-Fi device is most likely broadcasting to everyone around it that the Wi-Fi network named “linksys” is available. By default, most access points have SSID broadcasting enabled so it makes your Wi-Fi network more visible and easier to setup. However, to keep your neighbor from intentionally or accidentally connecting to your network, disable this service.
OK, that’s a lot of information and I didn’t dive into all of the specifics. So now what? This technology column is meant to give you enough information to speak to your local technology provider about the right solution for your business. They have the tools and knowledge to successfully implement the right technology for your business goals.
No comments:
Post a Comment