Five Security Measures for Corporate Wireless Networks:
Chief Technology Advisor and CEO of Sequentur, Roman Gruzdev, describes the set of accommodations that can be applied to the corporate wireless network. Implementing wireless security measures is important to help keep hackers out of your network. These security measures should be implemented in all organizations by the person in charge of the wireless network.
- Change your SSID
Wireless access points come with a built-in SSID (Network Name) and password. Hackers know the SSID names and can therefore easily hack into your wireless network if you do not customize your SSID. You can change the SSID name in your wireless router settings.
- User Authentication
WPA2 and Active Directory Authentication can both be used to keep your wireless network secure. You want at least WPA2 security settings for your wireless network. Authentication will require a password for the wireless network, but in a corporate environment, you can also require authentication via Active Directory on your domain.
- Disable DHCP
DHCP, or Dynamic Host Configuration Protocol, is the method by which your wireless router can randomly assign IP addresses to the devices on the wireless network. When DHCP is enabled, the IP address assigned to a device may change periodically, and these IP addresses are interchangeable between devices. Disabling DHCP and using static IP addresses which are assigned to each device is a good way to control which devices are allowed to have wireless access.
- Mac Address Filtering
Every device which can access a network has a hard-coded MAC Address. These addresses allow the hardware device to be associated with an IP address and identified on the network. By using MAC Address Filtering, you can list the allowed devices in the settings of your wireless access point. This is a good security measure because devices which are not known to the network administrators will not be allowed to access the wireless network.
- Certificate Authentication
The use of certificates to authenticate users on the wireless network is another way to improve access security. This is an advanced security measure that can help to avoid hackers attacking your network by spoofing. MAC Address spoofing is duplicating a known MAC address and masquerading as that known device on your network. Certificate Authentication uses certificates which are unique to each user and are installed on each device which the approved user will connect to your wireless network.
Don’t Leave the Back Door Open
As Roman describes, in the video, you want to take as many of the security measures possible in order to secure your corporate wireless network. Using only one or two is likened to locking the front door while leaving the back door propped open. For more information or assistance in securing your corporate wireless network, contact Sequentur.