Best Practices for Small Business Wireless Security

Best Practices for Small Business Wireless Security

Small business owners have a lot on their minds, but it seems that network security isn’t always one of them. An unsecured wireless network, as trivial as it may seem to some, can be costly on a growing business. Below we’ve taken note of what small business owners can do to ensure that unauthorized people can’t access private folders or steal sensitive data.

Encryption

Unfortunately, many people assume that wireless routers are secure by default. Not only is this assumption wrong, but it’s also dangerous. Small business owners should always make sure to enable encryption on their router. Failing to do so gives access to anyone to your wireless network. To prevent this, you’ll need to use a PSK mode of WPA or WPA2. By setting up an encryption password on connected devices while connecting. FOr employees, you should use the EAP mode of WPA security to prevent employees from seeing the encryption password. This is a precaution in the case that a company sanctioned laptop or mobile is stolen.

Limiting Access

In the modern workplace, shared folders make life easy by providing easy access to the relevant parties. That being said, you should always make sure that all shared resources on the network are secured by setting file and sharing permissions and determine which employees have access to which documents.

Physically Secure Wireless Gear

Sometimes wireless settings aren’t enough. You should make sure that your wireless equipment is well out of view and reach of all visitors. If your wireless router is in plain view, any unwanted guests could easily disable encryption settings. Additionally, you should make sure that any and all ethernet ports are out of reach of visitors, preferably behind desks, and that all unused ports are either removed or disconnect from the internet.

VLAN

For businesses with frequent guests, remember that you should never allow non-employees to access your  private wireless network. Doing so could provide an opportunity for somebody to hijack some network accounts. If your business is looking to provide visitors with guest access, you should always remember to establish a virtual LAN with a separate SSID.

Address Filtering

While MAC address isn’t a major defense against a veteran hacker, it has the ability to deter the casual network snooper. With this approach, you identify the MAC addresses you wish to to allow network access. All other devices trying to access the network will be turned away, but it remains possible for someone to use a privileged MAC address and pass it off as their own. Again, don’t rely on this method as a serious defense against hackers, it should be regarded as a deterrent at best and an inconvenience at best.

Follow Doug

Doug Atkinson

President at Solutions Review
An entrepreneur and executive with a passion for enterprise technology, Doug founded Solutions Review in 2012. He has previously served as a newspaper boy, a McDonald's grill cook, a bartender, a political consultant, a web developer, the VP of Sales for e-Dialog - a digital marketing agency - and as Special Assistant to Governor William Weld of Massachusetts.
Follow Doug