Wireless and the security of your business
Wireless networks are everywhere; in workplaces, in homes, and in schools the world over. They allow us to read the news, view our Facebook and Twitter pages, stream Youtube videos, join our smart phones and tablets to the network and check our bank accounts without having to use any cabling at all.
Providing wireless access into your secure, fixed/wired network without understanding the implications is fraught with potential issues. It’s akin to buying a Porsche 911 and parking it in a rough neighbourhood with the keys left in the ignition. You know you’re heading for trouble.
When setting up a wireless network, the standard user doesn’t normally know what WEP, WPA and WPA2 authentication means and are happy to use the router’s default wireless configuration. This is where a lot of wireless networks become a real issue for business.
Let us explain the encryption standards and options:
- WEP (Wired Equivalent Protection): In 2003 the Wi-Fi Alliance announced that WEP had been superseded by WPA, and while WEP is still widely used today, it is the most vulnerable standard of the three available options. Many easy-to-use applications can crack into WEP-protected wireless networks in as little as two minutes. They do this by using a range of methods, including WEP-protected key recovery, dictionary attacks and packet sniffing.
- WPA (Wi-Fi Protected Access): While WPA is a step up from WEP, several security vulnerabilities still exist leaving WPA protected networks open to attack. The most notable of these vulnerabilities is within the Wi-Fi Protected Setup (WPS) option now packaged with most new model routers. The Wi-FI Protected Setup (WPS) vulnerability allows a hacker to recover one’s password within an average of two to three hours.
- WPAv2 (Wi-Fi Protected Access 2): Wi-Fi Protected Access 2 (WPA2) was made available in 2004 and is the strongest of the three encryption standards. WPA2 is stronger than both WEP and WPA because of its advanced encryption methods and the extensive testing it was subjected to by the Wi-Fi Alliance. While WPA2 is the strongest of these methods the WPS vulnerability, still exists if you initiate that authentication method. For this reason we encourage you to switch off WPS.
Now that you have an understanding of the different types of authentication methods and the disadvantages of the certain authentication methods, are you sure that your wireless network is using the preferred WPAv2 authentication?
Take a walk down the street to your local shopping complex and look at how many wireless networks are available in your area? You will see plenty and they’ll likely have their wireless name (SSID) broadcasted for all to see. It’s like saying to a hacker, “pick me, pick me”. A hacker may still be able to see your wireless SSID using special software, but by not broadcasting your wireless ID they need to make extra effort to find it.
If you have concerns about your wireless network, contact CIBIS so we can properly secure your network.
SSID - is the public name of a wireless network.