Is Your Network Safe?

As many business owners have already seen, the prevalence of laptops in the mobilized workforce has introduced wireless technologies in both the home and office environments. Wireless can add significant value to your organization by allowing employees to move freely throughout the office with their mobile devices and providing access for visitors. However, the addition of wireless technology, or WiFi, in (or outside of) your corporate environment introduces new security challenges. It’s more difficult to contain the wireless signal within the four walls of your office or home, and a poorly configured setup can unintentionally provide full access to your servers and data. Just think: A hacker may be sitting in the hallway outside your office or a nearby parking lot all weekend long with access to your network, never setting off a single alarm or breaching the physical boundaries of your office. Once on your network, the attacker can help himself to corporate files and customer data. Adding even greater risk to your corporate network security are poorly configured home wireless networks, be they yours or your employees’. Remote users should be considered an extension of your office, and home wireless devices can add just as much risk as devices in your office.

Choose the Right Technology

Deciding on the right wireless equipment can be tough. Wireless technology can often seem like alphabet soup to the non–tech savvy. Wireless equipment vendors such as Bluesocket, Cisco, Aruba Networks and Meru provide ranges of high-quality equipment that can be used in small offices with one or two access points as well as in enterprises with thousands of access points across their corporate campuses. These industry-leading vendors provide access points and wireless equipment capable of handling a greater number of users with a better quality of service than consumer-grade products for your home. For home and home office applications, recommend that your employees use Linksys, D-Link and Netgear because they provide suitable security at a lower cost than enterprise-level wireless equipment.

Protect Company Network at Home

It’s a fair bet that most of your employees have a wireless access point at home, where many access the corporate network and/ or e-mail. Unfortunately, many home users don’t have the necessary security on their wireless access points to protect against outsiders trying to gain access to your data. This is a by-product of wireless manufacturers’ wanting to make it as simple as possible for non-technical consumers to set up their wireless equipment quickly. For many manufacturers, security is an afterthought and an “advanced” feature for power users. While there’s no easy way to combat this, companies such as Aruba Networks have developed access points you can configure for employees’ home use. This can become cost-prohibitive very quickly, as high-quality access points cost significantly more than consumer-grade devices, as discussed above. The most effective line of defense is to assume the worst and plan remote access strategies that won’t put your company at risk.

Employee Policies

Your network security cannot rely on technology alone. Consider establishing employee WiFi policies that will further prevent unauthorized access to your company’s network (either remotely or in the office). For example:

• Ensure that wireless traffic is encrypted using WiFi Protected Access (WPA or WPA2), a security protocol created by the Wi-Fi Alliance. Visit wi-fi.org for more information.

• Pre-shared keys — passwords that are entered to access a secure WiFi system using WPA — should contain complex characters, numbers and symbols, making them difficult for hackers to crack.
• Cycle pre-shared keys every 60 to 90 days.
• Use a Virtual Private Network (VPN) that employees must log into each and every time they connect to your company’s network from outside the office. VPN is a method of connecting to a private network through a public network, such as the Internet, and can establish a permanent connection between home and office. For employees logging in from outside the office, have them connect to your network through a secure remote access application like Citrix Access Gateway or other SSL VPN.

It’s a great time to integrate wireless technologies into your company’s network. New technology standards promise greater speed and better security. In many ways, a properly configured wireless network is more secure than a traditional wired network.