As my fellow E-consultancy blogger Drama 2.0 discussed earlier this week, the theft of more than 40mn credit and debit card numbers was due to insecure wireless networks.
If you run a wireless network at home or in the office, the same sort of security breach could easily occur if you are not taking advantage of your wireless router’s security features.
Don’t use defaults. It is almost always a good idea to change default usernames and passwords and your wireless router is no exception. One of the first things you should do when setting up your wireless network is to change the default administrator username and password.
Additionally, most routers have a default name, or SSID, for your wireless network (i.e. belkin54g). It’s a good idea to change this for several reasons. First, if you don’t change it, it will serve as a hint to intruders that you probably left the defaults in place everywhere. Second, once an intruder knows what model router you’re using, it’s not difficult to find the default username/password and to look for known exploits.
Use encryption. Every good router supports encryption and if you’re not using it, your network’s security is likely to be compromised. If you have newer equipment, use WPA or WPA2 encryption. WEP encryption is less secure.
Use MAC address filtering. Every network card, whether it’s wireless or wired, has a unique Media Access Control address (MAC address). A good wireless router will allow you to specify that only certain MAC addresses be allowed to access the wireless network. This can help prevent unauthorized computers from accessing your network.
Be sure to read your router’s documentation to find out how to set up MAC address filtering. To find out how to determine the MAC address of your network cards, click here.
Use your firewall. Most good routers have some sort of firewall built in and it should be used in addition to a good software firewall that is installed on the devices accessing your wireless network.
- Disable SSID broadcast. By default, most routers “broadcast” their existence to the world. This makes it easier for devices to detect their presence and connect automatically. But this broadcast also gives intruders a target. By making your network “invisible” and setting up devices that need to access it to connect manually when in range, you can make your network less of a target to less-savvy intruders.
By being proactive, you can significantly reduce the risk that your wireless network will be compromised.
If you find that setting up a secure wireless network is too challenging (sometimes it can be a real pain), I recommend hiring a qualified consultant to do it for you. It’s a worthwhile investment.