SECURE YOUR WIRELESS NETWORK By Chris Odediran

Have you tried to find an Internet connection from a street corner or business district with the wireless connection on your laptop or mobile device? If so, chances are you saw multiple wireless access points with no form of protection, technically called encryption. Many owners of wireless routers and access points still use the default settings on their devices, which in most cases open the network to unauthorized users. Many owners are not savvy enough to configure their wireless devices, and probably don't know their network is insecure. Well, ignorance is no protection against legal action. It is important to find out if your network is open, and make an attempt to secure it properly. Business data can be stolen wirelessly in an unsecured setting.


How to Protect Your Wireless Access Point from Unauthorized Use

It is estimated that nearly 40 percent of wireless access points are completely wide open. CNN reported even a more alarming trend during a "warflying" trip in which over 3,000 wireless networks were detected and over 67 percent of the networks did not have any form of protection. If you drive through any neighborhood in the United States today, you are bound to find more than a few unprotected wireless routers and access points through which you can connect unauthorized.

Restaurants and other hospitality business have in recent years been acquiring high-speed Internet connections and devices that allow wireless networking. It is now fashionable for restaurant operators to offer free WI-FI Internet services to their customers. Sometimes, wireless routers are bundled by DSL or cable broadband providers. Whether or not it is used by the hospitality operation is irrelevant. The question is: by allowing Internet access to your customers, are you allowing people you don't know access to your POS system? If so, you may be exposing your business to enormous risks because "wardrivers" and "warflyers" may have access to your business data.

There are a few steps you can take to make your wireless network fairly impregnable, so as to prevent unauthorized access to the POS system.

Disable or avoid using obvious SSID. The “Service Set Identifier,” or SSID, is a broadcast message that announces your wireless network in the wireless area. It is what users see when they view available wireless networks. Generally, wireless routers and access points provide an option to turn off the broadcast of the SSID. If you are not offering free wireless Internet connection to customers, it is better to disable the broadcast of your SSID, to prevent drive-by crackers from accessing your network. Wardrivers will be oblivious of your network and as a result, won’t try to access it. However, if you provide free access to outsiders, you may want to use a decoy SSID so that users cannot easily tell which is yours. Avoid using your restaurant or company name or street number. Use an SSID that cannot easily be identified with you, except by information.

Change the default settings of your wireless devices. The payment card industry guidelines require a POS business to change all default settings such as router passwords. Factory defaults can be easily guessed, which leaves your network vulnerable to unauthorized use. Change all default passwords and other security settings such as IP address and wireless security details on wireless access points, routers and laptop clients.

Enable encryption. WEP (Wireless Equivalent Privacy) or WPA (Wireless Protected Access) are the two most common methods of forcing users to enter an encrypted password before they can access a wireless network. All wireless routers and access points have at least these two security settings. More robust routers offer more advanced security options, but using WEP is the least you can do. While WEP is not as secure and has been found to be “hackable,” most ordinary threats will be prevented by it. WPA is so far secure and is offered on almost any new wireless device.

Allow access based on MAC address. If security is very critical, you can have even a more secure system by requiring that an external computer's manufacturer's network adapter (also called Machine Access Code - MAC) address be listed on the wireless device. This is one of the highest levels of security, as you pre-determine those computers that can use your network. This access control system is, however, time-consuming and limits your wireless connections to only those computers you pre-select.

Limit the number of automatic addresses. It is advisable that you estimate the maximum number of users you expect to be able to connect to your network at any given time, and limit your ability to provide instant IP addresses to computers. Limiting the DCHP (automatically provided addresses) will help reduce the risk of providing Internet access to everyone in your wireless area. If you don't have too many users, consider limiting the maximum number of DHCP addresses the network can assign, allowing just enough to cover the users you have.

Check the number of attached devices regularly. Every wireless device has a function to check which computers are attached to it at any given time. Make it a habit of checking those attached devices once in a while to know who your users might be and how many they are. If you have 20 users attached, and you have only 5 users in your restaurant, you will instantly know there is unauthorized use of your network.

Call for help. The best way to have peace of mind is for your to seek help from a company that has the expertise and experience implementing wireless technology at the implementation stage.

CC Productions has been providing expert wireless services for many years to restaurants, hotels, school districts and other organizations. Please call for evaluation and implementation of your wireless installations.