Securing Wi-Fi

Hi. Craig Peterson here with a blink into using Wifi.
 Our online lives revolve around Wifi. At home, at the office, and on the road. We’ve had Wifi for years, and yet we often don’t configure or use it correctly.
 In our homes and businesses, we need to make sure we are using the highest level of encryption available. For most of us that means using “WPA2” encryption, which will keep prying eyes out of our business.
Changing the name of our Wifi network, also known as the SSID, is important to distinguish it from other networks in the area.
But, even more important is to make sure that we change the administrative username and password for our Wifi routers. If you’re using the default “admin” and “admin” as your username and password, your network is ready and waiting for a successful hacker attack. 
Public wifi is particularly a problem for those employees who may need to work from a hotel or conference or while on the road.  We’re better off using the “Personal Hotspot” from our smartphone to stay secure.
Business should enforce a remote working / cyber security policy restricting the use of public wifi for any sensitive personally identifiable information or business critical activities.
Mobile Device Management can also be used by businesses to enforce these Wifi policies, and to put in place private business VPNs that can be used to protect confidential information.

Do’s and Don’ts for Creating a Unique SSID (Network Name)

  1. Don’t include any personal information such as names, addresses, birthdays, etc.
  2. Don’t use any part of your router’s password as the name.
  3. Do make your SSID unique and memorable, so you don’t forget it.
  4. Do change if from the manufacturer’s name.

Change Passwords. 

  1. Switch on WPA2 security to guard access to your router. Watch out for WPA3 and use it when it available.
  2. Change the Wi-Fi access password regularly
  3. Change the Wi-Fi administrative (default) password with a passphrase that is long, unique, and memorable (45-50 characters)

Keep the Firmware Up to Date

  • Firmware is the low-level software that controls all router functions. 
  • Firmware is responsible for defining the security standards for your network, sets the rules about which devices can connect.
  • When it is up-t0-date, you protected because you have all the latest bug fixes and security patches.

Disable Remote Access, UPnP, and WPS

  1. Having router remote admin-level access can be helpful if you have to access administrative functions from a remote location. However, for most of us, this feature should be turned off. You can do this from the router setting panel. Your remote access apps will work fine without them the administrative functions enabled.
  2. UPnP (also known as plug and play) makes it easier for smart TVs and game consoles to access the internet, BUT it is hackers will use it to make changes to your router’s security settings.
  3. The good intentions of the WPS protocol do not outweigh the ease of use for people using it to gain unauthorized access through your router to your devices. WPS allowed you to connect new devices with a button push or a PIN code.

Guest Network Set-Up

  1. Most decent routers will have the option of broadcasting a Guest Wi-Fi network. I recommend that you use it to grant your guests access to a Wi-Fi connection, without allowing them free access to your network
  2. Another option that you should enable is the option to hide the SSID of your primary network. That is the name that the router will broadcast when devices scan for available Wi-Fi networks. With the SSID hidden, visitors will be unable to see your network, which means they can’t connect to it. However, it still allows you to add devices to it because you’ll know the SSID and credentials required for access.