Protecting Your Wireless Network

A wireless network can be a big boon for a small business. Multiple computers can share printers and a single broadband internet connection without the hassle of running cables through walls. You can access your customer database whether you're in your office or meeting clients in a conference room. Employees in the stockroom can update your inventory database in real-time using wireless PDAs.

Unfortunately, wireless networks are also a big boon for hackers.

Wireless networks transmit data over radio waves, which can potentially be intercepted. As a result, an unprotected wireless network is like an unlocked door--and too many small businesses are leaving their doors wide open. By year's end, about 75 percent of businesses with 1,000 employees or less will have wireless networks, according to research firm Gartner. Only half of all wireless networks are protected.

Content Continues Below

Whenever there's an opportunity, there'll be someone to exploit it. For example, "wardrivers" are people who drive around specifically looking for unsecured wireless networks to access. A wardriver may simply be seeking a free ride onto the internet. On the other hand, someone within the signal range of your wireless network could steal your business's private data (such as account numbers and customer records), record the keystrokes you type on your computer, monitor the websites you visit, and read your e-mail--without even having to get out of their car.

What's more, a hacker could use your wireless network to illegally download copyrighted music files, send spam (illegal in some countries), sell drugs or commit other crimes. And if a crime is traced to your network, you could be held responsible.

Keep Outsiders Out

Below are some steps small businesses can take to make their wireless connection more secure:

• Change your device's default password. Wireless access points/routers come with default passwords set by the factory. Once entered, the password gives you access to change the device's settings. Hackers know these default passwords and can use them to access your wireless access point/router and change its settings, for instance, turning off security features. To prevent unauthorized access to your wireless network equipment, change the device's password to something difficult to guess. This password should preferably be an alphanumeric combination longer than 10 characters.

• Change the default SSID. A service set identifier (SSID) is the name used to identify your wireless network. Your wireless access point/router came with a default, preset SSID. Hackers often look specifically for these preset SSIDs when scanning for networks, because they're considered easy targets. As soon as possible, change the default SSID to something unique and, for extra security, change it regularly.

• Don't broadcast the SSID. By default, wireless access points/routers broadcast SSIDs, making it easy for legitimate users--as well as hackers--to find and join a wireless network. However, you can choose not to broadcast your network's SSID. Devices such as wireless computers and PDAs that require access to the network can be configured to automatically connect to your network's SSID, so they don't need the SSID to be broadcast to hook up.

• Use encryption. Encryption is a security feature in your wireless network equipment that can be turned on or off in software. In essence, encryption translates data into a secret code only the intended recipient can understand. Encryption prevents data from being altered during transmission between an access point/router and a wireless computer or other device.

There are two main encryption standards: Wired equivalent privacy (WEP) and Wi-Fi protected access (WPA). But the newer WPA (and WPA2) protocols provide stronger encryption and more reliable, advanced security. For the best wireless security, make sure your network equipment supports WPA or WPA2. If your equipment only offers WEP encryption, consider upgrading.

• Give off-site users a virtual private network (VPN) connection. WEP and WPA/WPA2 encryption standards don't protect your data after it passes from your wireless access point/router onto the internet or other unsecured network. The best method for creating a continually secure connection on an unsecured network is through VPN technology. A VPN is ideal for protecting mobile users who wirelessly access the company network from the road as well as for home-based employees with dial-up or broadband connections. Fortunately for small businesses, VPN technology is affordable and widely available.

• Keep your wireless hardware's firmware updated. The software that enables access points/routers to operate properly, called firmware, is frequently updated by the device manufacturer. Often, updates include enhanced security. Updated firmware is available for free downloading online. Check your device manufacturer's website support area regularly to ensure you have the most current firmware version installed.

• Enable MAC address filtering. A media access control (MAC) address is a unique series of numbers and letters assigned to every network device. You can configure your wireless access point/router to only allow access to specified MAC addresses (such as the addresses of each wireless computer on your network). MAC address filtering makes it much more difficult for hackers to access your network. The downside: It's also more difficult to give wireless network access to clients, partners or others visiting your offices or locations. But protecting your system may be worth it.

• Set a wireless policy. Create a clear but simple wireless network usage policy for all your employees to follow. The policy should include guidelines on the use of passwords, personal devices, such as wireless PDAs, and public Wi-Fi hot spots.

• Get help if you need it. Small businesses don't always have the human resources needed to maintain a secure wireless network. Value-added resellers, managed service providers and suppliers of wireless networking gear can help you design, implement and maintain security for a wireless network.

• Stay up to date. A wireless network can help your small business stay flexible, competitive and productive. New applications are pushing the benefits of wireless networks even further. For example, wireless voice over internet protocol (VoIP) phones allow users to stay connected to a VoIP system while they roam about the office, stockroom or store.

A wireless network is only as good as its security. So to keep your business growing today--and tomorrow--make sure your wireless network is up to date and comprehensive.

Peter Alexander is Entrepreneur.com's "Tech Trends" columnist and vice president of worldwide commercial marketing at Cisco Systems Inc., the leading supplier of networking equipment and network management for the internet.