March 1, 2016
Physicists study Newton's Third Law of Motion, which states, "For every action, there is an equal and opposite reaction." This law explains why boats move when you turn on the propeller, why a stack of boxes moves when you push with all your might, and why your brother smacks you back when you hit him too hard. There is a similar law in the world of cyber security: for every bit of convenience you gain, you lose an equal amount of security.
In other words, simpler passwords lead to more unauthorized access to systems. The same holds true for putting off updating and patching security software, upgrading firewalls, and failing to update the IT asset management system -- the more convenient it is, the less security you get. Where is the happy middle ground? At what point have you found the right balance between providing solid network performance and strong security measures, while allowing employees and guests reliable and convenient Internet access? Here's how to get it right.
Be Sure You're Using Routers With Enterprise-Grade Security
There's a difference between accommodating guests' mobile device access and empowering intruders with nefarious goals. Learn to balance convenience and security.
Short for "Remote Authentication Dial-In User Service", RADIUS servers are more expensive than consumer-grade Wi-Fi products, but it offers WPA-2 Enterprise level Wi-Fi service. This is considerably more secure than the consumer-level WPA and WPA-2 Wi-Fi devices. Be sure that servers are set up and maintained by personnel with cyber security knowledge and experience, as having the equipment is rather meaningless if the settings aren't properly configured.
Consider Providing Separate Wi-Fi Networks for Employees & Guests
In offices that host frequent guests like customers, vendors, etc., you might consider offering two Wi-Fi networks. One network for workers and another for guests not only keeps your own systems secure from intruders, it also prevents guests from bogging down the network at times when workloads are at peak. The convenience of visitors is nice, but it isn't worth sacrificing customer service or productivity.
Turn It Down
While you want Wi-Fi signals to be adequate within your four walls, any stronger signal than that is opening your networks to unnecessary risks. Configure the equipment so that the signal doesn't spill out into the street where any old intruder can hack his or her way in.
Keep Firmware Updated
Like updating the firewalls and patching the antivirus software, it's all too easy to forget to update the firmware for your routers. A good IT asset management system will help by alerting IT personnel when this vital maintenance needs to be done. Asset management also helps you manage the lifecycles of your routers, servers, and networking devices so that you can retire equipment that is outdated. Old stuff is by nature less secure, because it wasn't designed with the latest threats in mind. Network performance monitoring tools are also helpful. Establish a baseline for network activity at any given point in time, and use this to determine when abnormal activities might be indicative of a potential intrusion.
Change Passwords Frequently
Providing separate Wi-Fi networks for employees and guests assures that your workforce isn't hampered by slow connectivity during peak hours because too many vendors or customers are trying to access the systems, too.
Employees come and go. So do vendors, customers, and other visitors. There really isn't any reason why Melba needs your Wi-Fi password two months after she quit, or why your ERP vendor needs it six months after his installation job is complete. Change passwords regularly and use long and strong ones. A new password each month is ideal. Pick complex passwords that are eight characters or longer, including a mixture of upper case letters, lower case letters, numerals, and special characters.
Physically Secure the Routers
Not all intruders use fancy hacking techniques and sneaky code they found on the Dark Web. Some simply walk up to the router, plug in, and do their dirty work. Don't make it so easy. While you're worried about cyber security, make sure your routers, servers, and other networking devices are safe from plug-and-play hack attacks.
Looking for even more great ways to boost network performance while keeping networks, users, and applications secure? Download the Optimizing Bandwidth whitepaper today.