Wireless security tips for mobile workers

interior of a hotel roomRemember when “going to work” actually meant getting in the car, driving in traffic, and joining your co-workers in your cubicle…at “work”?

As mobile computer services and devices – such as smart phones, iPads and other tablets – proliferate, organizations and their employees are gaining more flexibility.

According to ESG research, there still are twice as many desktop PCs as laptop PCs, but that number is rapidly shifting, making it easier for today’s workers to manage their work-life balance more efficiently.

Mobility enables organizations to attract better talent, retain that talent by generating better morale and goodwill with employees and their personal lives, and helps an organization’s social reputation by being more “green”.

For many sunshine-deprived workers, technologies, such as Wi-Fi networks, have literally been a breath of fresh air, allowing workers to grab their laptop and work from the park or beach. However, for organizations looking to give their workplace more flexibility, it’s also important to know the risks.

One of the more secure ways to introduce flexible workplace technology is to use terminal servers, Citrix, or any remote pc access technology that allows employees to access data from a secure, centralized location, instead of storing confidential data directly from the laptop – which is susceptible to theft, damage of lost data.

According to the Computer Crime and Security Survey, the value of the information in an average notebook exceeds $250,000. So, for employees that prefer to use their own personal devices, make sure the data can be remotely wiped if the device is lost or stolen

Here are 10 more security tips to consider when using wireless devices:

  1. Change Default Administrator Passwords (and Usernames)
    Most Wi-Fi home providers provide Web pages that allow owners to enter their network address and account information. However, for any given piece of equipment, the logins provided are simple and very well-known to hackers on the Internet. Change these settings immediately.
  2. Turn on (Compatible) WPA / WEP Encryption
    Several encryption technologies exist for Wi-Fi today. However, the way these technologies work, all Wi-Fi devices on your network must share the identical encryption settings. Therefore you may need to find a “lowest common denominator” setting.
  3. Change the Default SSID
    Access points and routers all use a network name called the SSID. Manufacturers normally ship their products with the same SSID set. When a hacker finds a default SSID, they see it is a poorly configured network and are much more likely to attack it. Change the default SSID immediately.
  4. Enable MAC Address Filtering
    Many such products offer the owner an option to key in the MAC addresses of their home equipment that restricts the network to only allow connections from those devices. Do this, but also know that the feature is not as powerful as it may seem. Hackers and their software programs can fake MAC addresses easily.
  5. Disable SSID Broadcast
    In Wi-Fi networking, the wireless access point or router typically broadcasts the network name (SSID) over the air at regular intervals. Fortunately, most Wi-Fi access points allow the SSID broadcast feature to be disabled by the network administrator.
  6. Do Not Auto-Connect to Open Wi-Fi Networks
    Connecting to an open Wi-Fi network such as a free wireless hotspot or your neighbor’s router exposes your computer to security risks. Although not normally enabled, most computers have a setting available allowing these connections to happen automatically without notifying you (the user). This setting should not be enabled except in temporary situations.
  7. Assign Static IP Addresses to Devices
    Turn off DHCP on the router or access point, set a fixed IP address range instead, then configure each connected device to match. Use a private IP address range (like 10.0.0.x) to prevent computers from being directly reached from the Internet.
  8. Enable Firewalls on Each Computer and the Router
    Modern network routers contain built-in firewall capability, but the option also exists to disable them. Ensure that your router’s firewall is turned on. For extra protection, consider installing and running personal firewall software on each computer connected to the router.
  9. Position the Router or Access Point Safely
    The further the Wi-Fi signal reaches, the easier it is for others to detect and exploit. Try to position these devices near the center of the home rather than near windows to minimize leakage.
  10. Turn off the Network during Extended Periods of Non-Use
    The ultimate in wireless security measures, shutting down your network will most certainly prevent outside hackers from breaking in!

Photo credit by CDWaldi.

Yehuda Cagen is the Director of Marketing for the Houston IT consulting firm XVAND Technology Corporation. Xvand is heavily involved in helping clients create a more flexible and efficient workplace through the use of computer services and remote pc access, and was recently recognized for exemplarily workplace practices as an Honorable Mention recipient of the prestigious Alfred P. Sloan Award.