Seventy-two percent of companies who suffered a data breach found that the network infiltration came from an unsecured wireless device.
Too many businesses leave their WiFi networks and devices unencrypted with default security measures. This makes them an easy target for cyber criminals.
If you want to keep cyber criminals out and your sensitive data safe, you’ll need to tighten your wireless security. Let’s look at the common bad practices that might be compromising your WiFi.
3 common WiFi security pitfalls
1. Pre-shared password keys (PSK)
Pre-shared password keys are perfect for your home WiFi. But, make sure you steer clear from them on your corporate network.
PSKs are vulnerable because:
- Stolen devices can reveal your key.
- Infected devices can potentially compromise your entire corporate network.
- They’re easy to guess.
- Employees can share WiFi keys.
While PSK is a secure encryption type, it’s still vulnerable to breaches. If your key is compromised, attackers will have full access to your network. This can lead to further malicious activities like switch spoofing and Spanning Tree Protocol (STP) attacks.
Using 802.1X authentication is stronger and more comprehensive.
2. Shared WiFi networks
You should never let your business customers or guests use the same WiFi network as your employees. Here are some reasons why:
- Your corporate network is brimming with sensitive information that only authorised users should access.
- Basic firewalls can’t do everything to keep your assets safe. They also get outdated quickly.
- If an attacker gets in, they’ll have full access across your network.
To keep cyber criminals out, make sure you segment your network. Network segmentation is where you separate areas of your network using devices like bridges, switches and routers.
You might choose to do this to create a screened subnet, or in this case, a guest network.
Segmenting your network keeps you safe from cyber crime by:
- Increasing your security. A segmented network puts more barriers in the way of a cyber attacker, slowing them down and giving you more time to respond.
- Containing breaches. If an attacker does get in, you can contain them within a subnet. This minimises their potential to cause damage or steal assets.
- Protecting your endpoints. Cyber criminals often target endpoints. Segmenting routes malicious traffic away from unprotected endpoints.
Segmented networks keep attackers away from your precious assets and safeguards your employees. Once you’ve segmented, make sure you require user authentication to access the sensitive parts of your network.
3. Unsecured IoT devices
Twenty percent of organisations experienced IoT cyberattacks in the past three years.
Like many other pieces of hardware, IoT devices send and receive data. This makes them an easy target for hackers. The good news is that you can secure IoT devices just like other endpoints on your network.
As well as running them on a segmented network and installing all the latest firmware updates, you can secure your IoT devices by:
- Conducting inventory of your devices. Keep a detailed log of the IoT devices operating on your network. This will enhance your visibility and assist you in creating firewall policies.
- Constantly monitoring. Implementing real-time monitoring helps you track potential threats before they can escalate.
- Skipping the default. Preset passwords are weak. Change your default settings to use unique and complex passwords.
While your IoT devices don’t have reliable security built-in, that doesn’t mean you can’t secure them. With real-time monitoring and tougher passwords, you’ll keep the cyber criminals at bay.
Wirelessly safe and secure
Wireless networks and devices can be vulnerable, but they don’t have to be.
To keep cyber crime at bay and reduce the likelihood of a breach, make sure you secure your WiFi network and devices. And, don’t forget to control user access.
Want to take your organisation’s cyber security further? Our cybersecurity assessment ranks your organisation against the CIS benchmark. This helps you understand your current security posture and identify must-have improvements.
Share
