Wireless LANs (Local Area Networks) are taking the workplace by storm, providing businesses with greater flexibility, mobility, and greater access for the workforce. Many companies employ representatives to work from home or on the road and find constant connection to the main office a necessity. To address this, desktop computers are being replaced by laptops, and the increased mobility brings a great advantage. This process is happening now, and the technology has experienced rapid growth in line with the market boom that fueled it. So now the question is not do we need wireless capabilities? The question is how can we get the most out of this investment while ensuring that the company network is secure and not at risk?
The downside of higher technology and a new design is that it provides another potential path for hackers to access your files. Accessing your network over the air creates cold sweats over some bumps and is the main reason wireless didn’t take off at this rate years ago. However, wireless technology is now a secure entity and many large corporate infrastructures enjoy the freedom of WLAN without even a hint of intrusion by unwanted attention. These companies can provide guest access to contractors/onsite visitors without compromising sensitive information, create ‘hot desking’ scenarios for satellite staff so they can save office space while other staff on the road are in full swing contact with the office despite being on the other side of the country. Most coffee shops now provide wi-fi access, so even when in an unfamiliar area, reps can keep in touch and check emails regularly and even send/receive reports at an efficient pace throughout the day. day. So what potential threats still exist? Unfortunately, laptops looking for an internet signal can be very vulnerable to attack as they open up to an input signal. This has led hackers within a public area to access other laptops and explore the contents of victims’ files. It is not worth thinking about what kind of information could be at risk here, from personal material to corporate material of a potentially very sensitive nature. This is known as ‘peer to peer’ hacking, even though the criminal never actually hacked anything. The innocent laptop simply wandered through the air in search of Internet access and offered itself to the malicious intruder. The hacker simply took advantage of this situation while the worker was unaware. Another scenario could be if a satellite worker visits the office and sits at a desk. Instead of scanning the office for a wireless signal, he decides to take the initiative and manually connect his laptop to the network. This seems pretty simple. However, while he is working, his laptop is still searching the airspace for a wireless network to connect to, providing a back entrance to the corporate LAN. It would only take someone in the car park to connect to this peer to peer end user point and they would have direct access to the building infrastructure without any authentication requirements. As you can see, this spell has potential to attack and has resulted in costly attacks in the past.
The good news is that this is all very well understood and attacks like these can be prevented. The level of security required varies from one industry sector to another; however, the safest areas of the country are now hoping to open up to wireless capabilities. Logistics companies rely on wireless technology for mission-critical operations that would not otherwise be possible. Retail businesses can complete more transactions and access vital information faster with WLAN, increasing revenue and ensuring customers’ payment details are kept in the strictest confidence. Coffee shops are experiencing increased revenue through the provision of wireless service for commuters or satellite. Education can increase access to learning resources while protecting yourself from some of the most resourceful hackers in history, the students. Even banks and the financial industry can increase their efficiency and productivity with wireless technology and can rely on leading technology to protect their network.
So how can you experience the benefits of WLAN without losing sleep over being compromised as a result?
1. Passwords – Usually your ‘out of the box’ solution will come with admin passwords/usernames so you can log in and use your new toy. As soon as you get the chance, trade them in for something different. Naturally, try to make the password as unpredictable as possible by including random capital letters and numbers, as well as plain text.
2. Encryption – Once you’ve changed your passwords/usernames, look to upgrade your encryption. The old WEP (Wired Equivalent Privacy) standard can be hacked in 30 seconds, compromising data held on the network. There are much better versions out there, so be aware that without researching the options, the version you are initially provided with may not measure up.
3. Authentication – Decide how your employees will be verified when they seek access. How easy is it to crack this system? For satellite personnel consider implementing IPSec/SSL VPN gateways and for highly sensitive networks ‘two factor authentication’ may be required. It is best to keep authentication methods consistent throughout the company.
4. Rogue Detection – For an additional premium, facilities are available that will constantly scan and monitor your network for rogue APs (Access Points). This will alert you as soon as there is any adverse activity within your airspace. Even better, the technology is available for a system that will automatically cut off any connection to a rogue access point without requiring authorization from the network administrator.
5. Evaluation – Once you’ve implemented your security policy, you should regularly evaluate it to ensure it meets the standards you set out to achieve.
This is a brief overview of how to secure a corporate WLAN, and most of the points deserve a full article. The main point of this was to highlight that there are certainly ways to get the secure wireless network that can take your business to the next level, ensuring that the money you shell out acts as an investment and not a glorified expense.
‘Security in knowledge’