PL
DE
UK
One of the key tasks in maintaining the security of a corporate network, is to properly configure the wireless network. Read how to do it. You can apply the principles to both corporate, corporate and home WIFI configuration.
The world does not exist without WIFI networks. Several types of wireless network security can be distinguished: WEP, WPA, WPA2, and soon to come WPA3 and others. Which one will be most suitable for your office?
Why does a WIFI network need security?
A wireless network can transmit data over an entire area using radio waves. At the same time, wireless data transmission makes it quite easy to intercept data. The consequences? Other users can even eavesdrop on private and confidential conversations conducted over WIFI networks.
5 rules to help you safely set up your office WIFI network
WEP, WPA, and WPA2: the differences.
These designations indicate the security standards of wireless networks:
- WEP (Wired Equivalent Privacy) – one of the first and older wireless network configurations. It is an encryption standard, designated 802.11 and approved in 1997. Its purpose was to ensure data confidentiality just like in a regular wired network. WPA is the most vulnerable to breach and data leakage.
- WPA, or WiFi Protected Access, is an encryption standard that replaced the long-deserted WEP. It provides blocking of unauthorized users and encryption of data to prevent unauthorized access.
WPA2, or WiFi Protected Access II, is an advanced encryption standard (AES) before TKIP (802.11i). It has improved all the security determinants of WEP. This is the highest standard, which is great for corporate WIFI security and personal devices. Adapting Wi-Fi networks with this standard and implementing the use of authentication certificates allows only authorized users to access sensitive networks. For corporate networks, WP2 Enterprise with TLS is strongly recommended.
Always separate public and private networks.
Never use guest networks to store private, business or sensitive data. In many cases, guest networks have the lowest level of data security or are even open networks. Always ensure separate settings for guests, contractors and personal devices. Keep corporate devices in a separate location that is extra secure. Use WPS2, TLS and MDM registration to ensure maximum security on your corporate network. In addition, take advantage of guest subnetting, which will reduce congestion, clean up the network and allow you to control and respond when unwanted activity is caught.
Lock routers and store them in a safe place.
It’s best to keep your network devices in a server rack or in a dedicated area that guests and other outsiders can’t access. Otherwise, someone can easily enter your private network and have access to the equipment if the device is not locked. Placing the router in the safest possible place will reduce the risk of the router being taken over.
Remember to change your router’s default settings.
If you change your router’s default settings and information such as passwords, usernames, you will automatically reduce the risk of confidential information theft. It’s also a good idea to change the automatically set SSID or network name of the wireless device before deployment. The vast majority of routers have a default username and password, which are generally known to hackers and IT professionals. If you implement this rule, it will be harder to crack your network.
Run firewalls on all devices.
A firewall protects your network and the devices connected to it from attack by potential intruders, hackers or from any dangerous activity. It’s also a good idea to enable firewalls on your devices. Most routers have this option, as they include a built-in firewall.