Starting in 2005 and for approximately 18 months, hackers gained access to over 45 million credit card numbers from TJ Maxx and related stores because of poor WiFi security. The company had believed that they had secured their internal wireless network, but they had used Wired Equivalent Privacy (WEP) for the encryption technology. WEP was cracked in 2001, and it takes a hacker less than 5 seconds to break WEP encryption, giving them access to the wireless network.
Most businesses and residences have some type of WiFi network. Almost all SOHO (small-office / home-office) routers have a wireless interface built in. The most secure way of installing a router is disabling the WiFi completely. Because that is impractical for today's wireless-connected world, I will detail out a few steps that should be taken to protect your network.
- Always use WPA2 encryption. If your router does not support WPA2, replace it with one that does. Make sure it is enabled and working properly. I recommend having professional IT assistance in configuring your router to make sure WPA2 is setup properly.
- Choose a good passcode. Make sure this passcode is sufficiently long, at least 12 characters. The best passcodes are easy to remember phrases, like SteakandPotatoesForDinner.
- Setup a separate network for guests. Do not allow guests to access your business network. Their computers or devices may have viruses, malware, or other bad programs on them that could cause major problems on your network. You can setup another network for guests that gives them access to the Internet, but no access to your company network.
- Secure your guest network with filtering. If you plan on having a guest network, make sure the traffic is properly filtered. You become responsible for what happens on your network, so if someone is a guest and does something illegal on the Internet through your network, you may be held responsible.
- Don't give out your passcode to everyone. Make sure that the people that you give your passcode to need access, not just want access. Refer to number 3 for having a guest network.
Also, there are times that you access the Internet through a guest WiFi system, at a coffee shop, for example. Here are some tips to keep your device secure.
- Be careful to make sure you are connecting to a legitimate WiFi network. The place of business usually advertises the name of the network. Only connect to the one with that name.
- Make sure the firewall is enabled on your device. If it is a Windows laptop, select the Public network settings on the connection.
- Avoid doing any banking, purchasing or entering confidential information while connected. Even though your connection to these sites is usually encrypted, it is best to be cautious.
WiFi is a great utility, allowing many devices, from tablets to TVs to connect to the Internet. It has to be used with caution and understanding that the data is being sent far beyond the walls of your building. With care, it can be secure.