Here’s some WLAN security data that should keep admins up at night: If I know your router brand and make, I can Google “{model number}” and “default passwords” — and now I have a 23 percent chance of guessing your WEP access key.
If you’re like almost 1 in 4 wireless router users, you didn’t change the default after installation. That’s a bad look!
Check it out. If you use a Netgear wireless router your password is on page 1 of Google unless you change it.
I’m talking to the DIY SOHO networking types here. I hope. If this applies, change your router password immediately.
For mid-size and enterprise network administrators, you’re not out of the woods. Instead, turn your attention to rogue access points.
Defending against rogue access points
Rogue access points (also called ‘soft access points’) are WAPs placed in proximity of the WLAN meant to trick company users into logging onto an ad hoc wireless network. They may have names that masquerade a company SSID (network name) to further the ruse. A rogue AP might allure users by offering ways to skirt limits or WLAN rules imposed by IT: An SSID like ‘YOUR COMPANY – anonymous browsing‘ is one rogue AP example.
You can automate alerts for rogue access points with any business-grade AP that allows centralized configuration from a network controller. This will make it easier to monitor shady APs. This should be an essential part of a small office network setup. You can still blame WLAN security pain points on users’ apathy, based on their age and generation.
Those Millennials and their BYOD
Millennials and their disdain for authority! They demand a BYOD policy and suddenly it’s their work, their device, and their network, right?
“70% of Millennials admitted to bringing outside applications into the enterprise in violation of IT policies. Perhaps even more alarming is that the same survey found 60% ‘aren’t concerned about corporate security when they use personal apps instead of corporate apps.” – HP research (Feb. 2017)
This attitude leads to bad passwords, bad intentions, bad news. What can IT do to make wireless networks safe from millennial apathy?
- Mobile device management (MDM) applications and network server for router configuration. Limit individual device level access to certain parts of the network. Managing permissions for hundreds of endpoints MDM software and business grade access points automates the busywork.
- Limit wireless to guest network access–a setting included on designated routers for business use.
- Get management on board to change culture and attitude toward device security. It’s an IT problem non-techs can grasp.
Turning around generational attitudes starts with you! If you’re implementing a BYOD policy in your shop, step one should be making sure your wireless router has a fresh, unique password. Step two should be automating your WLAN to detect rogue wireless networks.
One thing for certain: your business cannot afford to become a data point in WLAN statistics, so do your diligence.
