Wi-Fi is a potential weak link in any network security chain. Whether your employees are using your Wi-Fi to work away from their desks or setting up at the local coffee shop, you need to have appropriate security in place.
Locking down the office
Wi-Fi routers and access points (APs) aren’t secured in the factory. Step #1 is to enabling encryption as soon as you set them up. If you’re lucky, an accidentally unsecured network will be used only by passing freeloaders to check their email. At worst, you’re exposing your computers, files, and passwords sent to websites not using SSL encryption—which includes Facebook, a trove for identity thieves—so lock down those routers and APs.
Get a server
It’s tempting but not secure to rely on a single username and password shared with all employees. Will you remember to change it every time an employee leaves? You should. With a shared password, a malicious employee or ex-employee with network access can snoop on other employees. They won’t even be slowed down by having to crack your password. You gave it to them.
Using enterprise-mode WPA/WPA2 security is harder to set up and requires a server. But what would it cost to have your information stolen? Why secure the office with deadbolts, alarms, and cameras but let your bank account details, intellectual property, and client data leak out of the building?
On the road
Public Wi-Fi is not always all it seems. Hackers are happy to set up free Wi-Fi hotspots and lie in wait for valuable data to pass through their networks. Coffee shops are focused on selling coffee, not Wi-Fi integrity. They are soft targets for hackers.
Your defenses are education and control.
1. Train your employees
Teach employees not to do anything over a public Wi-Fi connection that involves entering a password, personal information, or credit card details. They can catch up on the news or watch YouTube, but they shouldn’t log in to Facebook, the bank, or your network.
By definition, security means extra hoops. If employees know why they’re doing the extra work, they’re less likely to connect to an unknown network just because everyone in that Starbucks looks harmless.
2. Have employees close shared folders
Shared folders are useful for collaborating within the office, but no one on the hotel Wi-Fi needs to see your files.
3. Create a virtual private network (VPN)
To an extent, you’re relying on employees to be smart on the road, but you can exercise some control from the office. A VPN encrypts the data traveling between the employee’s computer and your servers. Even if a hacker is watching the public Wi-Fi network—or created it—all they’ll see is encrypted data.