Did you know you can get speeds of up to 2Gbps on a WiFi connection?
WiFi has come a long way from the early days. Modern WiFi standards are more secure, more efficient, and faster than their predecessors. But setting one up in a business network can be a real hassle.
Fortunately, it doesn’t require a big IT team to make sure your WiFi installation goes well. Commercial Wifi, like consumer counterparts, is usually easy to configure and manage. Business network services often provide in-depth documentation to fine-tune your network.
If you’re unsure how you can make the most of your business networking, then look no further. Keep reading for ten simple tips on how to setup up and maintain your WiFI connection.
1. Keep Your Business Network Secure by Having the Router in a Secure Place
WiFi is not as secure as a fiber cable, but it is secure enough for most purposes. Assuming you use the best encryption standards, it would be virtually impossible for a hacker to compromise your network. It could take thousands of hours of packet interception before they had even a small chance, too.
But if they have physical access, then there is practically no barrier against entry. The physical router switches enable your IT team to set up the network in the first place.
The reason it is so vulnerable is that the design of routers makes them easily accessible assuming physical access. Often an internet connection won’t allow changes without being present and hitting the right switches. Worst of all, the router usually has the username and password on the bottom sticker.
Even if you limit router access to admins alone, a hacker still has recourse. They just press the reset button, and that’s it. They have full, unadulterated access to your network.
All you need to do to protect against this is keep the main router in a safe place. Store it out of sight near the IT admin’s desk. Better yet, secure it in a locked box to reduce the threat of an inside job.
There’s no need to worry about ruining the speed of the wifi router. Just install wifi extenders and employees will get the high speeds they need. Ask your contractor during commercial wifi installation for this option.
2. Change Router SSID
Even if you’ve followed the above steps by changing the default password, you’re not out of the woods yet. One thing hackers can do is guess what sort of router you have. The easiest way to do this is with the default router name, which gives the router’s full model number.
A hacker is just a Google search away from your router’s detailed specs with this info. By Googling, they can often find the password for your router–or routers like it.
Even if you changed the password as you should, they now know which vulnerabilities it has. If your particular router is weak to a certain vulnerability, it’s just a matter of exploiting it.
Change the router SSID ASAP to a personalized name. It makes it easier for employees to find and keeps you safe.
3. Keep Router SSID Hidden
Believe it or not, you can hide your router’s existence from prying eyes. In the router settings, enable the option to hide the network. This means your SSID won’t appear when nearby devices search for a network.
Then, you just enter the SSID and password for any employees. It won’t affect the speed or quality of the network. It just creates a minor inconvenience for a new user who wants to connect–usually not an issue in an office setting.
Do keep in mind that this won’t keep out tenacious hackers. Hackers can use a sniffer to easily find your wifi info. It does however reduce network strain and avoids unauthorized people from trying to enter.
4. Secure Your Business Network With the Highest Security Standards
To keep your data safe, wifi routers will encrypt traffic between router and device. Encryption is awesome since it makes anything impervious to hacking. It scrambles the data, making it only accessible to someone with the proper cryptographic key.
In layman’s terms, hackers won’t ever be able to beat encryption. Unfortunately, this encryption isn’t always enabled by default.
Wifi security standards have improved over the years. First, we started with WEP, then moved on to secure standards like WPA.
Currently, the most secure wifi standard is WPA3. WPA3 is modern, secure, and efficient. Anything that uses WPA encryption won’t give hackers any chance of compromising your network.
But oftentimes routers come with WEP or WPA2 as the default. WEP from a security perspective is a horribly outdated standard. Make sure to get into the admin settings and switch network security to WPA3, or at minimum WPA2.
5. Update Any Software and/or Firmware if Available
Chances are, your router was sitting on a shelf for months before you bought it. It might be a model that is several years old. If that’s the case, then there is guaranteed to be an update.
Updates are vital in the IT world. They make your devices more efficient and patch vulnerabilities. Fail to do this, and you’re signaling to all hackers that they can come right in.
Dig into the admin settings and search for firmware or software updates. This will shut down your network for a bit, but it will be worth it. Better yet, enable automatic updates or update notifications.
6. Make Use of the Built-In Firewalls
Most routers come with at least a basic firewall. Using your device without a firewall is a bad idea, especially in an office setting. Firewalls are what deny unauthorized access from unknown devices.
In most cases, you have several layers of firewalls. You have a hardware firewall, router firewall, and system firewall. It’s never a bad thing to have more than one.
Open admin settings and enable either SPI or NAT depending on your needs. Your hardware or OS firewall will be superior, but this extra layer of security won’t hurt.
7. Divide Your Network into Public and Private Access
Most wifi routers can split traffic into two types: a guest network, and a personal network. This allows you to give wifi to office visitors if they need it. But in giving them this access, you won’t be risking network security.
Make sure to make these networks easy to tell apart with clear SSID names. Have a robust password for the private network. Then, visitors will never have to get access to your subnet if they just want to check Facebook.
8. Find and Remove Any Unauthorized Access Points (APs)
An access point is any means of connecting to the network. This can be a router, extender, or phone hotspot.
People who have access can, if they desire, create an AP without your permission. For example, an employee can create an AP from their work phone. This allows them or anyone else to access the network without entering private credentials.
The problem is that you can’t trust that the employee will only allow authorized users to access it. Further, their AP may not have the most stringent security standards. Your commercial WiFi network may be secure, but one AP can compromise all that security.
Limit employees from creating any unauthorized APs. You can often disable this option in their device settings if you desire.
But even still, make a habit of scanning the network for them. You’re guaranteed to find one or two that pop up from time to time.
9. Disable WPS-related Settings
WiFi Protected Setup (WPS) is a convenient option for dead-simple setup. At the press of a button, you can connect a WiFI device to your network. While this may make things easier, it presents a considerable security flaw.
All someone needs is authorization to use WPS and enable an unauthorized device. Just like an AP, this presents some huge security risks if the device doesn’t meet your standards.
Business network services should only use enterprise-grade devices. WiFi installers may present options to prevent this WPS connection without authorization. But as a principle, it’s just best to disable it entirely.
10. Consider Limiting or Disabling DHCP Entirely
DHCP is what assigns addresses to individual devices. It makes it easy to connect a new device since the router automatically gives it a unique address. No extra steps are needed with WiFi installers during WiFi installation.
However, as you can imagine, this means it gives even an unauthorized device an address. You can further refine and perfect your security if you only allow certain IP addresses. If an unauthorized user connects, DHCP won’t give them a subnet address.
If you want maximum security, you should just disable DHCP entirely. Only allow assigned devices to connect. You will have to add new devices, but you’ll know exactly who’s connecting at all times.
Install Your WiFi Securely
A business network is the heart of any business’ security framework. A weak network presents abundant security issues and is a lot harder to manage. But use the above steps, and you can reduce a wide number of vulnerabilities.
Follow our blog for more useful tech tips.