Wireless networks are present in most homes and businesses, but the convenience they offer can open unsecured paths into your network. Late last year the Google Wi-Fi issue made people aware of how carelessly they treat their data on a day-to-day basis. The Street View cars simply collected data that was, metaphorically speaking, "floating around in the air" anyway. And that, in theory, was also accessible to everybody else (they did not hack into any of these networks).
Anyone with a reasonable grasp of technology can collect Wi-Fi data these days, so it is important to strengthen your wireless network’s protection. Here are six easy tips on how to do that, whether it is a home or business WLAN.
Use WPA2 encryption: Older security options like WEP can be broken in moments without special equipment or techniques using something as simple as a browser add-on or mobile phone application. WPA2 is the latest security algorithm which is included with virtually all wireless systems, and should be selected from the configuration screen.
Have a password longer than 10 characters: Even newer encryption schemes like WPA2 can be compromised using attacks which employ an automated process to try billions of possible passwords. Longer passwords don’t need to be hard to remember. Using a phrase like “makemywirelessnetworksecure” instead of a shorter, more complex password like “w1f1p4ss!” offers far more security, as the computing power to test and break such a long key cannot be realized.
In your password, add numbers, special characters and upper and lower case characters: Complex passwords increase the amount of characters which must be considered when performing password cracking. For example, if your password consists of 4 digits and you only use numbers, there will be 10 times 4 (10,000) possibilities. If you additionally use the alphabet in only small cases, you will get 36 times 4 possibilities (1,6 million). Forcing a cracking program to choose from 104 characters times 11 digits results in 15,394,540,563,150,776,827,904 possibilities. This increases the time needed to crack such a password from seconds to millions of years.
Don’t use standard SSIDs: Many wireless routers ship with a default wireless network name (also known as the SSID) like “netgear” or “linksys” which most users do not bother to change. This SSID is used as part of the password by the WPA2 encryption. Not changing this allows hackers to prepare password look-up lists for common SSIDs (rainbow tables) which speed up the password cracking process drastically, enabling them to test millions of passwords per second. Having a custom SSID drastically increases the work and time needed to attempt to compromise your wireless network.
Leave personal information out of your SSID: You don’t want to give hackers a way to know that your network is worth trying to compromise. Putting “John’s House” as the SSID provides information which might be useful to a nosy, tech-saavy neighbor or someone targeting your business. Don’t give hackers a way to see whether a wireless network is yours, or the one of the shop around the corner, use something vague which doesn’t identify you or your location.
Tune the range of the radio: Modern access points have multiple antennas and transmit power, letting their signal reach far beyond the walls of the places they are providing access to. Some products let you adjust the transmission power of the radio using menu options. This provides a way to limit how far outside your location someone can pick up your wireless signal and work on compromising your network.
For companies, however, the tips above are a good start, but of course they have a greater challenge to master and business oriented wireless security solutions are generally still inflexible, expensive and complex. It would be fatal though to fall back on consumer products as they naturally provide a much lower level of security than enterprise solutions. If you are searching for a wireless networking solution for your business that is secure and easy to deploy, check out Astaro Wireless Security.