Securing Your Wireless Network

For people running home or small business wireless networks there are a few tips that can help you run your wireless access point more securely.

  • Don’t let everyone use your network.  A wireless access point will work out of the box, just power it up and plug it into your DSL or cable modem.  Unless part of your business model involves providing free WiFi for your customers, this is a bad idea.  You should follow the directions of provided with your access point to change the name of the network (the SSID or Service Set Identifier), and provide some level of encrypted connection, WEP or WPA, that requires a connection password.  It is ok to write the password down and even attach it to the access point on a label.  This makes it easy for you, your employees, family, or guests to connect, while keeping your neighbors off of your Internet connect, and out of your local network.  Se my earlier blog on the Chuck Norris attack.
  • While you are at it, change the administrative user ID and password.  A recent cybercriminal exploit can take control of an access point and use it as part of a bot-net to redirect web surfers to malicious websites.  They gain access by trying the know default administrative passwords of these devices, because they are usually not changed by the new owner.
  • Move your wireless access point away from windows and toward the center of your building.  This will keep the signal from traveling far beyond the walls where others can connect.
  • Keep your computers defended.  Install and use a good quality Internet Security Suite, and keep your Windows Updates current.  That way if someone gains unauthorized access to your network, they won’t be able to attack your PC.

0

About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.