How to secure your company’s wifi network?
More than 30% of the devices that connect to corporate wireless networks do not have any protection method. Are you aware of the risk to which your entire network is exposed?
Nowadays, it is no longer easy to find a place where there is no WiFi coverage, whether public or private.
When a company allows open wireless connectivity to employees, customers or any external visitor, the potential field of attack expands exponentially because different users and devices have access to the network.
It is very likely that many of your employees’ and customers’ expectations for wireless connectivity in your business are increasing, demanding access to a WiFi network to access real-time information anytime, anywhere. This presents great benefits in terms of efficiency and productivity, but at the same time presents significant challenges, especially in terms of cybersecurity.
The advantages of having a secure WiFi network
- We do not need to connect to a cable that we have previously had to run through walls.
- We are connected in any corner of the office. Allows access to network resources from any location within the wireless network coverage area.
- They are economical and widely used.
- You can easily expand the network where and as needed.
- Wireless access to the Internet and company resources helps your staff be more productive and collaborative.
- The installation of connectivity devices is faster and more cost-effective than in a wired network.
Basic tips, How to protect your company’s Wifi network?
Networks have become a basic part of doing business, so planning for your business’ cybersecurity is just as important as sales and marketing. Below, I share four factors a business should consider when setting up a WiFi network in a secure manner:
-
-
Do not leave access to your WiFi network open.
It is recommended that a network be configured with a Service Set Identifier (SSID), a unique identification consisting of 32 characters and used to name wireless networks. This allows you to generate multiple wireless networks that have different accesses, for example: a dedicated network for visitors that is different from your employees’ network. When multiple wireless networks are used in a given location, SSIDs ensure that data is sent to the correct destination.
-
Using a RADIUS server
It is advisable to use a RADIUS server for authentication and authorization of LDAP user employees, for better user management, to keep a detailed record of accesses to the WiFi network, privileges, access levels, filters, etc. customized for each employee. This avoids the use of shared keys.
-
Use an initial connection page.
In it, you can indicate the access conditions and request compliance with them. If you have a constant flow of external visitors who need access to the WiFi network, such as hotels, it is advisable to have a mini portal or web page in which you publish your access policies to the local guest network, through which they must first connect before connecting to the network. Include an agreement button, listing the terms and conditions that must be met before guests can connect to the network. This provides some protection if a guest violates your company’s policies. It is also a good idea to apply content filtering policies to prevent someone from visiting inappropriate or malicious sites.
-
Limit network access time.
Provide logs that expire in a specific period (hours, days…) taking into account the particularities of your business and your security policies. Network administrators can limit the time of guest network access.
-
Educate your employees on safe uses.
-
Don’t assume that network cyberattacks can only come from external users or visitors to your business. Your employees can accidentally create security vulnerabilities, so it is critical to establish security policies and educate your colleagues on safe practices for using wireless networks.
There are more security tips, such as the use of ISE: among other benefits we highlight the ability to centralize and unify a highly secure access control based on the business role to provide a uniform network access policy to end users, via wired, wireless or VPN connection.
