Wireless networks provide companies and consumers easy access to the Internet. However, these wireless networks are often not properly secured and can easily become a target of attack.

In this article I would like to point out a few simple actions to make a WLAN more secure.

Use WPA2 for encryption

The WPA2 security algorithm should always be used. If the access point does not support WPA2, I would strongly advise you to replace the obsolete device immediately and purchase a new access point. Older security options such as WEP can be easily hacked by attackers within a few minutes using a browser add-on or smartphone app.

Create secure passwords

Good encryption is useless if a weak password is used. The days when passwords with eight digits and special characters were still considered secure are over. We recommend passwords with at least 12 characters, upper/lower case letters and special characters. In addition, no words from the dictionary should be used.

Choose the name of your SSIDs wisely

Personal information has no place in the SSID. The SSID is the network name that can be seen when connecting. It may be obvious and convenient to use the company name when naming the Wi-Fi or even the last name for private networks. For an attacker it is so easy to find the right network without much effort. It is one more hurdle, if the attacker does not immediately see which Wi-Fi network belongs to him during a network scan.

You should always use an SSID that does not immediately reveal which network exists behind it.

Restricting the radio range

Modern access points have several antennas and a very high transmission power. If possible, this range should be limited. Thus it is not possible for an attacker to start a network access from a greater distance.

Is your Wi-Fi secure enough?

You want to talk about security in your company? We’ll be happy to help and advise you on purchasing Sophos products.