SECURE YOUR WIRELESS NETWORK

SECURE YOUR WIRELESS NETWORK

Source: MWeb

MWEB offers some top tips to secure your wireless network:

  1. Locate your access points away from windows: When conducting a site survey for where to position the access point of your network, think about locating it towards the centre of your building rather than near the windows. This will make it easier to ensure that your coverage extends to your windows but not beyond. If the access points are located near windows, a stronger signal will be broadcast outside your building, making it easier for people to access your network.
  2. Reduce your network transmitter power: This feature is not available on all wireless routers and access points, but some allow you to lower the power of your network transmitter and thus reduce the signal range. It’s usually impossible to fine-tune a signal so accurately that it won’t leak outside your business, but with some trial and error you may limit how far the signal extends. This minimises the opportunity for outsiders to access your wireless network.
  3. Enable firewalls on each computer: Most modem routers have built-in firewalls. You should ensure that all routers’ firewalls are turned on, and also consider using personal firewall software on each computer connected to the router.
  4. Turn off the network during extended periods of non-use: Shutting down your network will certainly prevent outside hackers from breaking in. Although it is impractical to tum your devices on and off every time you want to use them, it is advisable to consider doing so, especially during travel or extended periods offline.
  5. Change the administrator passwords: To set up a router, manufacturers provide web-page interfaces. To access these web pages, you need to log in with a username and password. The default login details provided by router manufacturers are simple and well-known to hackers on the Internet. You should therefore change your router login details immediately after purchase and keep these details secret.
  6. Set up your router to use encryption: Most Wi-Fi equipment should support encryption, but your Wi-Fi router may not have this activated by default. Encryption is essential for maintaining privacy as it scrambles digital information, making sure it is only available to those for whom it was intended. You will need to make sure that all of your Wi-Fi devices share identical encryption settings.
  7. Change the default SSID: Wi-Fi access points come with a default name that is broadcast to any Wi-Fi device within range this is called a “Service Set Identifier” (SSID). Hackers are quite adept at figuring out the manufacturer defaults and so it is advisable to change this to something unique.
  8. Disable SSID Broadcast: Tum off the feature on your router that broadcasts your router’s SSID. If you already know your SSID, you can manually set your other Wi-Fi device(s) to connect to it. In any case, broadcasting your router’s SSID is an open invitation to hackers (or your neighbours) to break into your system or use your bandwidth. Check the manual for your Wi-Fi hardware to find out how to disable SSID broadcasting.
  9. Enable MAC address filtering: Every piece of Wi-Fi equipment has a unique identifier called the physical address or MAC address. Access points and routers keep track of the MAC addresses of all devices that are connected to them. Many products like this offer the owner an option to key in the MAC addresses of their office equipment and then to permit Wi-Fi access only to those devices. Please note that this feature is not as powerful as it may seem, because hackers can fake MAC addresses.
  10. Do not auto-connect to open Wi-Fi networks: Connecting to an open Wi-Fi network could expose your computer to security risks. Although not normally enabled, most computers have a setting available allowing these connections to happen automatically without notifying you. This setting should only be enabled temporarily.

Although no method is 100% secure, these steps will help secure your wireless network against people looking to steal your company or personal information and/or your internet bandwidth.