How to make a wireless network secure

A series of steps towards keeping intruders at bay

Wi Fi security

When setting up a wireless network for your small business, it can be all too tempting to leave any security functions switched off. It may seem at the time that getting work done is much more important than worrying about a threat that probably won't ever materialise.

But small businesses, like all others, need to make sure their networks are secure. After all, your customers are counting on you to keep their confidential data safe.

The thing to realise is that your wireless network doesn't only extend within your premises. Wireless technologies provide long-range connectivity that cannot be restricted to the office, which means that anyone within range of an unsecured network can gain access.

This threatens more than just allowing others to use the internet for free. It could make you vulnerable to a breach of privacy, as hackers could monitor and intercept the open packets of data whizzing between devices and the router. Passwords, financial records, customer information and private data are all fair game to the criminal.

In addition, others may use your open wireless to access the internet for illegal activity. Should this happen you could find yourself involved in legal action, so it's well worth taking the necessary steps to ensure your network is reasonably secure. So here's what you can do.

Use encryption

Possibly the most important measure you can take to protect your network is to use encryption. Virtually all routers and wireless devices offer some form of encryption, which scrambles the data transmitted to and from your router, making your network's information unreadable to outsiders.

Encrypting a network involves creating a password or passphrase that is difficult to guess. But note here that, while there are different forms of encryption available to wireless networks, not all of them are secure.

WEP
The most basic and oldest form of wireless encryption to be commonly used is WEP (Wired Equivalency Privacy), which utilises passwords using 10 to 58 digits using 0 to 9 and A to Z.

It is no longer considered secure and can be cracked in minutes by hackers using off-the-shelf hardware and software, but some older systems still only support WEP. If you have such a device, you may need to consider ditching it in favour of something else or lowering the level of security on the network.

While WEP should not be used to secure a network, it's still worth remembering that any encryption will provide more protection than none at all.

WPA and WPA2
Developed to overcome the weaknesses in WEP, WPA and WPA2 (Wi-Fi Protected Access) are the encryption modes now most widely used in wireless networks.

They use both passwords and passphrases to secure networks. A password is one group of letters, numbers and characters without spaces; a passphrase is a string of grouped characters that includes spaces, such as "Th1S 1S a p@ssphr4s£". A passphrase is much harder to guess and break than a simple password.

Use a firewall

Hardware firewalls provide the first line of defence against attacks coming from outside of the network, and most routers have firewalls built into them, which check data coming into and going out and block any suspicious activity. The devices are usually set with reasonable defaults that ensure they do a decent job.

Most firewalls use packet filtering, which looks at the header of a packet to figure out its source and destination addresses. This information is compared to a set of predefined and/or user-created rules that govern whether the packet is legitimate or not, and thus whether it's to be allowed in or discarded.

Software firewalls usually run on the endpoint desktop or laptop, with the advantage of providing a better idea what network traffic is passing through the device. More than just which ports are being used and where data is going, it will know which applications are being used and can allow or block that program's ability to send and receive data.