Six Things You Should Never Do to Keep Your Wi-Fi Network Secure

Posted by in Guides, Internet, Wi-Fi

Wi-Fi networks are prone to hacking, but their security can be hardened by applying the right measures. Sadly, the Internet is filled with network security myths, and this makes people apply outdated advice and techniques, which make the things even worse. Read on to discover several steps that you can take to boost Wi-Fi security levels.

1. Don’t use WEP

WEP, the acronym for wired equivalent privacy, is a joke by today’s security standards. And yet, some people continue to use it, exposing not only their network password, but also the files on all the devices that are connected to the network.

wep-weak-wifi-security-mechanism

If you use WEP, stop reading this article and switch your network to WPA2. Of course, some of your devices may not support a WPA2 protocol. If this is the case, try updating their firmware, and if this doesn’t fix the problem, simply throw them away and purchase newer devices.

2. Don’t use pre-shared keys (PSK)

The PSK mode isn’t secure enough for business environments, and even for home users who tend to lose their devices. If this happens, you would need to change the PSK each time a smartphone or tablet gets lost or is stolen.

802.1X-encryption

Use 802.1X/EAP to secure your network instead. This way each device can have its own login user and password, and even a digital certificate, if the network belongs to a company. In this case, if a device is lost, you would only have to change the login information for that particular phone, tablet, laptop, and so on.

3. Don’t rely on hidden SSIDs

One of the most circulated Wi-Fi myths is that hidden SSIDs will make your network invisible, and thus impenetrable. The reality is that even with hidden SSIDs, the network name can be easily recovered from the data packets, using a plain wireless analyzer.

Sure, some people think that a hidden network is harder to break into, and that may be true to a certain degree. This won’t be an impediment for an experimented security analyst or hacker, though. In addition to this, hidden SSIDs will decrease the speed of your network, due to the increased number of probe request/response data packets.

4. Don’t rely on MAC address filtering

Another common Wi-Fi myth is that filtering MAC addresses will keep trouble at bay. The reality is totally different, though: an attacker can sniff the MAC addresses, and then replicate an allowed address using his or her computer.

mac-filtering-myth

This doesn’t mean that you should drop MAC filtering. Just like with hidden SSIDs, it provides an extra layer of security, albeit a poor one. Changing and monitoring hundreds of MAC addresses in an enterprise environment is a complex, tiring task for sure.

5. Don’t set your router power to its maximum

Most routers have the ability of setting their emitting power. Often times, it’s a plain low, medium and high power setting. Still, if the devices that access your network are nearby, you should keep the power level to a minimum.

This way, Wi-Fi signal will only be kept inside the room or building. If you’ve got a particular device that needs higher Internet access speeds, consider replacing one of your router antennas using a Wi-Fi cable and a directional antenna, and then point it towards that particular device.

6. Don’t forget to update all the devices

Often times, computers and laptops running in an enterprise are kept up-to-date. I’m talking about operating system security patches, drivers, software application patches, antivirus updates, and so on. Things change when it comes to mobile devices, though.

Computers and laptops may have firewall applications installed, but very few smartphones and tablets utilize a firewall. If you are a system administrator, it is your job to set up a secure network. Set up VPN access for the users, and then educated them. This way, you will save a lot of trouble.