Top 10 Wireless Network Risks
Many organizations are installing and implementing wireless networks. To help business managers make informed decisions, Altius IT provides this list of the Top 10 wireless network risks:
- Bandwidth Stealing – Outside intruders can connect to wireless access points. By using the Internet connection to download music, games, and other software, they reduce employee productivity.
- Criminal Activity - An unauthorized user can use the Internet connection for malicious purposes such as hacking or launching Denial of Service Attacks.
- Masquerade – By using the Internet line, an intruder “hides” under protective cover and appears to be a part of your organization.
- Litigation Risks – Organizations are at risk if the intruder is doing illegal activity such as distributing child pornography. If the criminal activity is discovered and investigated, the origin of the attack will be traced back to the organization.
- Reputation - An organization’s image and reputation is at stake if the wireless network was used as the initial access point to hack into restricted government networks.
- Financial risks - Most ISP's not only reveal customer information to the authorities to assist with legitimate criminal investigations, but also hold the organization responsible for any and all activities related to the Internet connection.
- Confidentiality – Wireless networks tend to be connected to in-house private networks. This may allow an intruder to completely bypass any hardware firewall protective devices between the private network and the broadband connection.
- Evil Twins - Most new laptops include the ability to connect to wireless networks. Laptop computers may accidentally connect to fake (“evil twin”) networks. Employees believe they are connected to the authentic network however they are actually connected to a fake network that steals ids, passwords, and other confidential information.
- Clear text – Some network information is transmitted in clear text and is not encrypted. Once inside your network, an intruder can install a network sniffer and gain access to confidential information without the victim’s knowledge.
- Information Sensitivity – Not all data has the same sensitivity. Due to the risks involved with wireless networks, confidential data such as client lists, trade secrets, etc. should not be stored on or accessible by wireless networks.
Securing Wireless Routers
Altius IT recommends the following steps be taken to secure your wireless routers:
- Default Password - change the default administrator password. Use your browser to access the address provided in the manual. Use the control panel to make the change.
- Password Strength - create a long and strong password using a combination of upper and lower case characters, numbers, and symbols.
- Service Set Identifier (SSID) - change the SSID name to something unique. Disable broadcasting of the SSID.
- Universal Plug and Play (UPnP) - UPnP provides automatic discovery of other Plug n Play devices on the network. Where possible, disable Wide Area Network (WAN) management and UPnP connectivity.
- Encryption - Create a strong encryption key using WPA2 AES. Create a long and strong Pre-Shared Key (PSK) that has at least 40 random characters, numbers, and symbols.
- Firewall - enable the Stateful Packet Inspection (SPI) firewall on the device.
- Ping - the router should not respond to outside ping Internet Control Message Protocol (ICMP) requests.
- Management - Enable only https or secure shell (ssh) for router management. Don't use HTTP or telnet since they send information in clear text.
- Updates - periodically check for firmware updates.
Network security audits help organizations identify, manage, and reduce their wireless network security risks. Formal and documented policies ensure a top down approach to managing security risks.