Showing posts with label Wireless network. Show all posts
Showing posts with label Wireless network. Show all posts

Saturday, July 20, 2013

5 Tips for Securing Your Wireless Network

My friend is a System Analyst and he administrate our IT network at enterprise level.

The networks, depending on location, vary from small, localised system to wide virtual interconnection between offices and premises miles away from each others. So, this article might be of interest to him and I'm sure he and many others can benefit from some of the ideas presented here.


Typical clients of a wireless router. Image credit: ConceptDraw


I found that some of them are pertinent to my situation but they could be essential to other professions.

Five pointers or tips to wireless network security:

1. Security practices are essential for wireless networks of all types.

Strong encryption—preferably use WPA2. An eavesdropper can pick up wireless signals from the street or a parking lot and break older security algorithms like WEP in minutes using tools readily available on the Web.

Complex passwords. Cybercriminals can use cloud computing resources to test millions of passwords in minutes, so wireless passwords should be 10 characters or longer and include numbers and special characters.

Unique SSIDs. SSIDs are part of the password used for WPA2 encryption. Hackers use“rainbow tables” to test common SSIDs, so administrators should pick unique network names (but not ones that identify their organisation).

VPNs for remote access. Virtual private networks are essential to protect communications from mobile employees (who can put a VPN client on their devices) and remote offices (which can use economical, point-to-point VPN connections).

Employee education and published policies. Employees need to be educated on secure networking practices. In companies with bring-your-own-device (BYOD) policies, this includes acceptable uses of personal devices for company business.

2. Provide controlled access for Guests

Uncontrolled access to wireless networks is a common security issue. Often, customers,suppliers and other office visitors are given IDs and passwords that provide perpetual access to internal networks. Stories abound of contractors whose passwords remained valid for weeks or months after they moved on to other employers.

Some organisations address this problem by providing a separate guest network with limited access to core IT systems. This approach addresses the issue of transient guests, but it is expensive and not always useful for contractors and long-term guests.

Another approach is to find tools that restrict guest and contractor access to appropriate periods of time and place limits on their activities.

3. Manage multiple access points in Central Offices

Deploying and managing wireless access points can be time-consuming. Large offices and campuses may require many access points to cover all office areas, conference rooms andmeeting spaces used by employees. Multiple wireless networks for different groups and for guests can add to the work.

A best-case scenario is to find tools that do not require specialised knowledge or a long learning curve, so the work can be done by network administrators rather than wireless networking specialists.

4. Manage access points in Remote Offices

Providing technical support to remote and branch offices is also a challenge. Constant travel is rarely an option, and it is difficult to work through remote personnel, particularly if no local IT staff is available.

Administrators need to find tools that allow them to deploy, monitor and update remote access points from a central console.

5. Integrate wireless traffic into the Network Security Infrastructure

Cybercriminals are increasingly targeting wireless traffic as an avenue to penetrate enterprise networks. They are exploiting:

· The growing number of remote and mobile workers. 
· Home computers and mobile devices that lack the endpoint protection tools.
· Bring-your-own-computer policies that limit the control that companies have over the selection and configuration of mobile devices.

To prevent wireless traffic from becoming a major threat vector, enterprises should ensure that wireless traffic flows through the full network security infrastructure so it can be scanned for malware. Probes and attacks can also be detected.


Source: Tech @TheStar