Wireless VS Wired
We all know the difference between wireless (Wi-Fi) connections and wired connections, the clue is in the name! Although wireless is easier being tethered to a desk can often be beneficial. First of all, wired connections are almost always faster than using your wireless access points and secondly cabled connection are usually more secure.
Imagine two people on either side of a crowded room. If they want to pass information between each other, the wireless equivalent would be to shout across that room. This seems easier but with everybody else talking at the same time the message may get lost or distorted so it actually takes longer to receive the correct information. Also, other people in the room can hear you, making it insecure. On the other hand, if one person simply walked to the other with the message in writing the correct information would be received a lot quicker and unless somebody actually intercepts and reads the document it would remain a secret.
As with all analogies there are exceptions but the main point to take from this example is that although wireless connections make our lives easier it does present a significant security risk.
When trying to be Security Savvy and avoid Wi-Fi security threats you should think about how you use it not only in the office but also out and about on Wi-Fi hotspots in hotels and cafés.
Most offices have wireless available for their staff laptops but this is often also used for mobile phones, personal devices and guests. No matter the size of your business, if you stop and think about it, you’ll soon realise what a risk that is! Who knows where these devices have been and what level of security is enforced on them. You could have restrictions on your networked computers and the best Anti-Malware software but if a guest visits with an infected machine all your security precautions could be for nothing. Connecting an unprotected or infected machine to your main network using wireless could mean that your server or other computers become infected with a virus or ransomware.
We obviously don’t want to just turn off wireless but controls can be put in place. We recommend that you separate the wireless with different names and networks. Have one Wi-Fi network that only office laptops (under your control) can use to get onto your servers, and a second Wi-Fi network for mobile phones and guests that only need access to the internet. If paired with a security firewall these access points can act as a barrier to threats from uncontrolled devices to better protect your network, servers and data.
Public Wi-Fi Hotspots
Having access to free WiFi can be a life saver on the road, especially if you don’t have a 3G or 4G signal. However, it is advisable to only use this service if it is absolutely necessary. If you can connect to these networks easily then everybody else in the shop, hotel or café can as well, and they may well be listening in on what you’re doing rather than just accessing their own e-mail. Most reputable establishments will have a secure network that isolates everyone’s connections to try and stop this from happening but it isn’t a guarantee. As for unsecured ‘open’ networks these should never be used as everything you send is likely to be completely unsecure, non-encrypted and open for interception by anybody to do with as they wish.
In summary to be LSA Security Savvy on wireless:
• If you’re in the office and can use a cable, do so. It’ll be quicker and more secure.
• If you allow staff to use mobile phones and even their own devices, ask LSA to provide and set-up a secondary wireless network that doesn’t allow access to your main network.
• If you give guests access to your wireless, you should ask LSA to provide and set-up a secondary wireless network for internet only to protect your servers.
• If you need to use a public Wi-Fi do not use an open network without passwords, also try to only use Hotspots in well-known establishments that issue passcode tickets or charge as these are usually more secure.
Other Security Savvy Tips: