Wireless Security Precautions

  1. Use the built-in encryption - Enable the highest level of Wireless Encryption Protocol (WEP) that ships with the access point and enable on all cards that you want to connect to the AP.
    1. 802.11b and 802.11g provide up to 128-bit WEP
    2. 802.11a provides up to 152-bit WEP
  2. Change default SSID that ships with the access point (i.e. the default for a Linksys AP is Linksys)
  3. Disable the broadcast mode that is used by access points to transmit their SSIDs
  4. Turn off Ad-hoc mode which allows peer-to-peer network connections by enabling Infrastructure mode where all wireless clients must connect via an access point
  5. Use MAC Address Authentication using access control lists (ACLs)
  6. Don't give the network a name that identifies your company
  7. Add passwords to all devices
  8. Move wireless access points away from windows and use directional antenna
  9. Disable the features you don't use
  10. Put a firewall between the wireless network and other company computers
  11. encrypt data
  12. Implement VPN (Virtual Private Networking) over the wireless LAN
  13. Regularly test wireless network security by preforming a regular audit for rogue access points
  14. Create and enforce a wireless security policy
  15. Educate the network users about the security risks of wireless.

"What's happening with wireless networks is that it's no more or less secure than anything else. It's just [that] with a wireless LAN [local area network] you need a new page in the rule book. Security doesn't stop at the perimeter of the company building." [Geoff Davies, managing director of I-SEC, a specialist information security company, reprinted in Financial Times, July 1 2002]

To Previous Section To Introduction To Next Section