It is nice that I can take my laptop from one room to another when I am in the office, not to mention removing some of the cables and adapters from our desks. But wireless networks come with some vulnerabilities that we must consider carefully. To help with this I’ve made this guide on securing wireless networks
Radio waves penetrate through walls and windows, making the network accessible by devices outside our organisations. Those determined to connect to it may find a way if security is at the default level. So what kind of threats and dangers are there and how can we protect our data from them?
I will go with a scenario that I can see happening and discuss a few other possibilities briefly.
Imagine Mr. X leaves his employer but he needs some data from the server or a computer on the network. He still has the password for the WIFI and he can access it form the street or the office next door.
What can be done here?
Using a pre-shared key does not allow you to cut off access for specific users. Changing the existing one will cause a major disruption for those who must remain connected. An option here is using usernames and passwords to connect to the wireless network – a RADIUS server providing 802.1X authentication. This allows an account to be disabled without affecting everybody else. This is a service that modern wireless access points support and can host without additional hardware or software expenses.
There are many other threats so I will briefly mention some here with a solution example:
Wireless intruders, as described above.
Solution: Configure authentication for network access.
Rogue access points. Those are unauthorised devices added to the network that can allow access to protected resources, capture information or launch a man-in-the-middle attack.
Solution: Continuously monitor radio frequency space and configure notifications for discovered potential rogue access points.
Capture streams of data. There is a lot of easily accessible software and hardware that can assist with that.
Solution: Configure encryption between devices and the access points.
Denial of service attacks resulting from poor configurations, accidental interference by devices using radio frequency communications or intentionally.
Solution: Some of many possible solutions here are doing an audit on all wireless devices and their configurations as well as microwave oven and their locations, electricity cables and furniture with reflective surfaces.
So I hope I have not scared you by revealing details about the kind of environment we may work in. I also hope I have given you some ideas how to harden the security of your wireless network.