Keep your Wireless Network Secure

By Sandra Deutscher, CM IT Solutions of San Diego: Central

Wireless networks are powering an increasing number of small businesses, but also leaving them vulnerable to intruders and hackers. At one medical office in the San Diego area, for example, the wireless network is so well known that many people will drive into the doctor?s parking lot just to use his Internet connection with the laptop computers in their cars. While most of them are probably just checking their e-mail or surfing the Web, these same people could potentially gain access to the doctor?s patient tracking system and his confidential medical records. He has the obligation to keep those records secure to comply with federal HIPAA (Health Insurance Portability and Accountability Act) requirements.

An outside user could not only view confidential information, but also erase data, or put a virus or spyware on the network. And they can get away with it because the wireless network is open and exposed

Nevertheless, many businesses continue to install wireless networks because they offer both convenience and mobility. Companies don?t have to go through the expense of dropping cables and stringing network wires throughout the walls and into each office and cubicle when they set up a wireless network. All they need is a wireless router and maybe some additional access points. Any employee with a computer equipped with a wireless interface can use the network to check their e-mail, surf the Internet, print documents, share files, and perform all the other tasks that wired networks provide.

The speed of a wireless network is a little slower than a wired network, but the trade-off is worthwhile. Users can simply bring their laptops anywhere throughout the offices, whether it?s a conference room, lunchroom, or a colleague?s office, and access the network wirelessly without having to search for an open Ethernet connection where they can plug in a notebook computer. And if the office is going to be relocated anytime soon, the company doesn?t have to go through the extra expense of stringing wires throughout one building only to have to re-install the cables again in another location. They can take all their existing equipment with them, move into the new offices, and set up the wireless network again.

But while wireless networks are easy to set up, small business owners need to ensure they have implemented the proper security precautions. If they just use a friend, relative, or someone on staff who seems to know a lot about computers, then chances are that person is not going to do the job properly and will leave gaping security holes that will make the network vulnerable. Small business owners need to make sure that the people who install the wireless network know what they?re doing. For example, they should make sure that they don?t just use the default key, system ID, and password that come with the equipment. Hackers often are familiar with the default settings for hardware from many widely used manufacturers. Once somebody knows whose equipment is being used, and the business doesn?t change the system ID and the other settings, then it?s easy for the hacker to get into the network and view confidential information, alter it, or destroy it.

If a neighboring office also has a wireless network and happens to use equipment from the same manufacturer, they might not change the defaults either and they could easily log onto the other company?s network without bothering to get permission. Wireless transmissions will go about a hundred feet within an office, but they can also go a hundred feet the other way, in other words, to the outside world. Different manufacturers of wireless network hardware often provide various methods for further encrypting the data transmissions and these should be enabled to make the network more secure.

When setting up the wireless network, try to avoid having the network announce to the outside world that it?s available. Unless you have a business like Starbucks, where you want people to come in and pay to use your network, only let your own employees know about the wireless capability. There are people who actually drive around searching for open wireless connections with the aid of a laptop equipped with a wireless adapter. Make sure your network isn?t one of the networks they can identify from the outside. If you have already set up a wireless network in your business, it?s a good idea to get it checked out by a professional who knows what he or she is doing. It?s worth spending a little money to get someone who can come out to your place of business for an hour or so, check the wireless network for vulnerabilities, and secure it.

Once hackers know how to get in, they can keep on entering the network whenever they want unless it is secured. If the network has already been broken into, hackers will sometimes try to cover their tracks, but it?s often easy to detect what?s been done. If the network is acting strange, that could be a sign a hacker has broken in. If you have a virus loose, or information seems to be missing, or you notice any kind of unusual behavior on the network, that could be a sign of a hacking attack. Passwords need to be changed on a frequent basis to keep people who have somehow learned the password from being able to come back again and again.

Whether a business has a wireless or wired network, it should check to make sure that its routers have been set up properly. Most routers come with a firewall, but it?s often not the most advanced firewall. Implement multiple lines of defense, with additional firewalls for the network and the router, both software and hardware based. Also make sure the antivirus software is up to date, as well as the operating system on your PCs. A few months ago, Microsoft introduced Windows XP Service Pack 2. Make sure all the computers on the network have been updated with this latest version, which patches a large number of security vulnerabilities and contains some firewall software of its own, giving you some of those multiple lines of defense. If one line of defense gets penetrated, others will be there to protect the network. Hackers will see that the network is thoroughly defended and won?t waste time on it when there are so many other undefended networks out there that are easy to break into.

Businesses should also be certain to back up the data on their networks on a regular basis, preferably every day. If the network is compromised, a hacker can destroy some of the data. But with a backup in place, the business can restore the data and be back up and running quickly.

Security is as important for a small business as for a large corporation. All businesses need to have a plan for securing their network at all levels and backing it up. Just as the technology improves, the hackers also get better, and you have to stay ahead to defeat them.