ENTERPRISE NETWORK 101
When was the last time a person broke into your company offices to steal data? My guess is that this has never happened to you. That's why your boss has hired those tough security guards, after all.
However, I bet that several hackers have tried to penetrate your Wi-Fi network until now. And there is a simple explanation for that: wireless networks are much less secure in comparison with wired networks. Just read the news and you'll see why!
Most system admins take sound, and yet only basic security measures. They set and use complex passwords, for example. They patch servers regularly. They install antiviruses on all devices.
Copyright © EN101. All Rights reserved.
Three Effective Methods of Securing an Enterprise Network
However, none of these measures can stop a person who has enough time and CPU power at his disposal. Read this article to discover several powerful methods that actually DO work.
1. Being a system admin myself, I understand your desire to boast with the huge company you're working at. Or maybe it's not you; your boss wants everyone in the world to know that this Wi-Fi network belongs to the XYZ Corporation.
However, having an SSID that gives away the company name is dangerous, because it tells hackers what network they should target. This is especially true if your offices are located in a shared building, or close to other buildings.
So, always use an inconspicuous SSID such as "larry_home" for your Wi-Fi network. To take things even further, you could use a strangely looking network name, such as "linksys34tc6", because the SSID is incorporated into the WPA2 encryption algorithm.
As you can guess, we are using "linksys" as a part of the network name because we don't have any wireless equipment that was produced by Linksys. Of course, if your company has purchased Linksys hardware, you should pick another manufacturer for your Wi-Fi network's SSID name.
Some admins turn off SSID broadcast altogether, but I wouldn't recommend that. For starters, it won't slow down hackers that much. And then, it will diminish the speed of your Wi-Fi network - a sensitive problem, especially in an enterprise environment.
2. Strangely, some admins don't make use of the Enterprise WPA2 feature. It helps boost Wi-Fi security by forcing each individual user to authenticate. In a nutshell, each user can have his or her user name and password. So, if one of the company devices gets lost, or a villain gets access to it, you can easily change the user name and password for that particular device, and the network will be safe once again.
As an added bonus, each user will have his or her encryption key, which means that they will be unable to spy on other employees' Wi-Fi traffic.
To get started with Enterprise WPA2, you will need to use a RADIUS server, which will store the user name and password for all employees. Big corporations use cloud-based RADIUS services, because they are much easier to maintain and work much faster, especially if your organization has thousands of employees (or more).
3. Always keep an eye on unauthorized access points. A villain could plant an AP close to your Wi-Fi network, use a network name that is similar with yours, and then capture the login credentials of your colleagues, who will try to connect to the fake network, thinking that it is the legitimate one.
Fortunately, quite a few enterprise-level access points include rogue detection services, and can email you or send you an SMS whenever a new AP is detected in the area. Convince your boss to purchase at least a few APs that include WIPS (wireless intrusion protection systems); they will help increase the security of your wireless network. WatchGuard's WIPS is a good option.
This article has highlighted three powerful methods that will help boost your Wi-Fi network's security. Apply them all and I guarantee that the company data will be much more secure.