 But
working from home while using a wireless local area network (WLAN)
may lead to theft of sensitive information and hacker or virus
infiltration unless proper measures are taken. As WLANs send
information over radio waves, someone with a receiver in your
area could be picking up the transmission, thus gaining access
to your computer.
They could load viruses on to your laptop which could be
transferred to the company's network when you connect at the
office.
Up to 75 per cent of WLAN users do not have standard security
features installed, while 20 per cent are left completely open
because the default configurations are not secured, but made for the
users to have their network up and running ASAP.
Here are some of our recommendations.
1) Wireless router/access point setups should
always be done though a wired client.
2)
Change default administrative password on wireless
router/access point to a secured password.
3)
Enable at least 128-bit WEP encryption on both card and access
point. Change your WEP keys periodically. If equipment does
not support at least 128-bit WEP encryption, consider
replacing it.
Although there are security issues with WEP, it represents
minimum level of security, and it should be enabled.
4)
Change the default SSID on your router/access point to a hard
to guess name. Setup your computer device to connect to this
SSID by default.
5)
Setup router/access point not to broadcast the SSID. The same
SSID needs to be setup on the client side manually. This
feature may not be available on all equipment.
6)
Block anonymous Internet requests or pings.
7)
On each computer having wireless network card, network
connection properties should be configured to allow connection
to Access Point Networks Only. Computer to Computer (peer to
peer) Connection should not be allowed.
8)
Enable MAC filtering. Deny association to wireless network for
unspecified MAC addresses. Mac or Physical addresses are
available through your computer device network connection
setup and they are physically written on network cards. When
adding new wireless cards / computer to the network, their MAC
addresses should be registered with the router /access point.
9)
Network router should have firewall features enabled and
demilitarized zone (DMZ) feature disabled.
10)
You should test your hardware and personal firewalls using
GRC's Shields Up test.
11)
All computers should have a properly configured personal
firewall in addition to a hardware firewall.
12)
Update router/access point firmware when new versions become
available.
13)
Locate router/access point away from strangers so they cannot
reset the router/access point to default settings.
14)
Locate router/access point in the middle of the building
rather than near windows to limit signal coverage outside the
building.
15) If you feel overwhelmed by all this, consider having one
of our geeks completing these measures for you. |
