If you are asking this question, the answer is probably no. Security threats are increasing constantly. And wireless networks require extra attention. But who has the time?
As an IT consultant who specializes in data security, it’s not hard to see that the current explosion of wireless devices will soon be followed by a flood of wireless data security issues. I hope that by helping you be prepared I can save you trouble down the road.
We All Like Wireless Networks
You depend on your wireless network. It’s convenient. It makes you more productive. And employees and customers like to use it, too.
Wireless networks are easier to deploy and expand, quickly accommodating growth. Lower TCO makes them attractive to smaller organizations.
While enjoying the benefits, you may overlook the risks. I’ve heard business owners say “We’re not big enough to be a target.” or, “We have antivirus software.” These misconceptions can greatly increase the likelihood of suffering a successful attack.
Let’s talk about the risks and the different ways that your wireless network might be compromised. That’s the first step in making your wireless network secure.
Everyone Wants In
The risks to wireless networks have increased considerably in the past few years. The proliferation of mobile devices, and the popularity of BYOD, social media, and guest Wi-Fi networks increase the risk of a data security breech, data destruction or competitive snooping.
Each device and program that you use expands the perimeter of your network and provides a potential weak spot. All wireless-enabled devices should be considered access points to your network that need to be secured.
Sources of the threats to your wireless network include hackers, competitive spying, employee theft and, employee sabotage, to name a few. Small businesses are not immune to any of these types of attack. I’ve seen it all.
According to the National Small Business Association, almost half of the companies surveyed recently had been hacked. Yikes!
Small firms continue to make attractive targets because they spend less on data security and may underestimate the risks to their wireless networks.
Bluesnarfing?
The methods used by hackers to compromise wireless networks are as diverse as people on the subway. They include rogue access points, sniffing, denial of service, man-in-the-middle, evil twin, network injection, war driving, bluesnarfing and bluejacking, and other exotic-sounding schemes.
Hackers often use these methods to gain access to wired networks through a wireless one. It’s usually the easiest way in.
Rogue access points are a common problem that is often accidental. A standard open access point is added to the network by a user, perhaps the accounting guy in the back room. Doing so creates an easy entry point for hackers and compromises the safety of the entire network.
Bluesnarfing and bluejacking are methods of compromising Bluetooth technologies, like headsets, on wireless devices to gain access. They have the disadvantage of being untraceable. Good to know.
Most methods exploit vulnerabilities in the hardware or software to gain access to the network. The recent Heartbleed vulnerability is a good example.
Heartbleed compromises open SSL encryption software to allow attackers to monitor all information passed between a user and a web service.
Information that may be compromised can be anything from passwords and credit card numbers to the content of your email, documents and data.
Keeping Up
Wireless network equipment manufacturers continually update their hardware and software to keep up with evolving threats. A major network equipment supplier recently announced security vulnerabilities in its Wireless LAN Controller products. In other words, someone found a way to hack their network hardware.
The company released patches that address these vulnerabilities. This is common practice with security technology providers. Applying the updates will keep you protected.
Both suppliers and users have to be vigilant. Manufacturers are working hard to improve defenses with improvements like end-to-end encryption and wireless intrusion detection and prevention. Bring your own device (BYOD) policies are a significant area of concern for businesses.
The Good Stuff
Our firm has a close relationship with a company that provides outstanding small business wireless network security technology.
WatchGuard Technologies Unified Threat Management (UTM) and Next-Generation Firewall (NGFW) appliances are the first to allow users to deploy, configure and manage both wired and wireless network security through a single appliance in a single view. One of these red boxes will do a good job of beefing up your wireless security.
WatchGuard’s wireless network security solutions include the latest technologies to block hackers and other threats, including:
- Packet Filtering
- Application Control
- Intrusion Prevention
- Web Blocker
- Gateway Antivirus
- Reputation Enabled Defense
- Spam Blocker
- Reputation Enabled Defense
- Data Loss Prevention
- Advanced Persistent Threat (APT) Blocker
- LiveSecurity Service
Regardless of the vendor and technology that you choose, keep it up to date. Strong network security deters internal theft, protects your business from hackers, and safeguards your employees’ and customers’ information. You get to enjoy your wireless and sleep better at night, too.
Find a Good IT Security Partner
To make your small business wireless network secure, start by consulting an IT security expert who can recommend solutions. Look for one that offers 24/7 monitoring and services to keep the technology up to date.
Applying security patches is a big deal when it comes to closing off newly discovered vulnerabilities and preventing security breaches. An IT Security provider who is serious about preventing attacks will apply patches weekly. Few vendors do this.
Total wireless network security solutions, including service and the latest hardware and software security technology are available for a flat monthly fee. When you find an IT security expert you trust, let them do the heavy lifting while you do what you do best.
Carl Mazzanti is CEO of eMazzanti Technologies, 2012, 2013 & 2015 Microsoft Partner of the Year and a NYC area IT security expert.