Wi-Fi Security User Guide
Public and private Wi-Fi connections are everywhere and our access over these networks has become routine if not occasionally mindless. Our wireless-enabled devices scan for available connections, we select a connecting network and get work done. Often we take these prolific connections for granted, and through habit, assume our usual connected activities without any regard to the network our information is traveling over.
Businesses of all types and across all industries are facing increased pressure from customers, vendors, and even employees to offer secure and fast wireless access. Wi-Fi hotspots in coffee shops, libraries, airports, hotels, universities, and other public places are convenient, but often they’re not secure. Although offering Wi-Fi is vital, it remains vulnerable to wireless threats. Networks may unknowingly allow client connections to a malicious access point (AP), putting all endpoints at risk. On the administrative side, Wireless Intrusion Prevention Systems (WIPS) or Wireless Intrusion Detection Systems (WIDS) should be used to enforce wireless security policies. But as an end-user of Wi-Fi networks, your own precautions are needed.
Home Wireless Security
When you use a wireless router or access point to create a home network, you trade wired connectivity for connectivity delivered via a radio signal. Unless you secure this signal, strangers can piggyback on your internet connection or, worse, monitor your online activity or access files on your hard drive. By taking the following actions, you can help secure your wireless home network against these threats.
- Change the default system ID of your wireless access point or router.
- Change the default password for your system.
- Turn off identifier broadcasting.
- Encrypt wireless communications. (WPA+AES -based encryption offers better protection than WEP-based encryption.)
- Use your router’s built-in firewall to restrict access to your network.
- Keep your wireless system patched and up to date.
Public Wireless Security
Accessing a wireless connection from a coffee shop or airport terminal may be convenient and even fun, but you should note that public access points (frequently called hot spots) are often insecure. If you are in a coffee shop (or connected to any public Wi-Fi), do you know the network you connected to is the shop network and not a spoofed clone network setup by another patron? Or even if it is the coffee shop network, we are often left unaware of how the network is configured and how secure it is. Thankfully today most websites require SSL encryption if they handle any sensitive data. This is one layer of protection for web browsing but relying solely on 3rd party SSL leaves us at a disadvantage. In order to fully protect your data, you need to take control of your own encryption and ensure all traffic coming to and leaving your device is securely encrypted. Using a VPN such as WatchGuard Mobile VPN, puts you in control of your encryption. The following are some steps you should consider taking before connecting to a public access point:
- Use a virtual private network (VPN) if possible.
- Avoid using passwords and providing personal information to websites.
- Encrypt your files.
- Be aware of your surroundings.