Improving WiFi Security for Your Business

Network, Security, Security Threats, WiFi, wireless network, , , ,
11
Apr 2018

Wireless networks are crucial for organizations to operate in the modern business landscape, but it’s critical that your wireless network is secure.

Increased mobility, production and scalability are the three main reasons why your organization will have embraced WiFi. Allowing you to remain competitive, WiFi is a service that you simply can’t be without. Therefore, security is more crucial than ever when it comes to wireless networks.

To help you get a better understanding of how to defend your network, we’re going to look at improving WiFi security for your Business.

How to Protect Your WiFi Network

There are many ways that you can secure your WiFi network, keep hackers out and ensure that productivity remains at an all-time high:

  • Keep on Top of Updates: Your router and associated hardware will regularly receive firmware updates that improve performance and, more importantly, patch any potential security issues. Unfortunately, many people put these updates on the back burner as the install processes are considered a little fiddly. However, while the install time and necessary reboots are irksome, they pale in comparison to your WiFi network being compromised.
  • Change Default Login Credentials: In order to access WiFi devices for the first time, these devices will come with default login credentials to allow the owner to configure them for their network. These default credentials, however, represent a major security risk as they rarely differ between devices. And that means that anyone with a list of default credentials – freely available online – can log on to your WiFi devices if they haven’t been changed.
  • A VPN Can Hide Your Network: A virtual private network (VPN) is a useful service which provides additional security to your WiFi network. A VPN server will hide all the connection details of PCs and devices on your network, so this makes it significantly harder for hackers to find a flaw in your defenses.
  • Keep Guest WiFi Networks Separate: Most organizations provide a guest WiFi network for visitors or staff to access with their own devices. While this is a generous offering, you need to make sure that guest WiFi networks are kept separate to the rest of your networks. Surrounding the individual networks with firewalls also helps to ramp up the defenses between your sensitive data and external breaches.
  • Secure Ethernet Ports: Network peripherals are always at risk of being compromised by unsecured ethernet ports. By simply plugging a cable into an ethernet port, a hacker can gain a foothold into your wireless network. The solution to this problem is, thankfully, relatively simple: enclose network peripherals within locked cases and limit key ownership.
  • Enable WPA2 Encryption: If your WiFi network is not encrypted then it means that the data being transferred over it is open to external parties. As a business, it’s a certainty that the data transferred over your network will be sensitive e.g. customer details, payroll information and emails. However, by enabling WPA2 encryption on your network, it will guarantee that your data will be scrambled as it’s transmitted. As a result, anyone ‘listening in’ will be unable to exploit the data.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

The Best Practices for Protecting Your Wireless Network

Network, Password Security, Security, wireless network, , ,
20
Mar 2018

Small and mid sized organizations find wireless networks an essential tool in running their business, but they come with a significant risk attached.

And with news reports delivering nothing but bad news regarding wireless security, ensuring that your wireless network is well protected should be a major priority for your organization. Now, hackers don’t want to work hard, they want to access your systems with the least amount of effort; that’s why they tend to target the simplest flaws in wireless security.

Luckily, remedying these simple flaws is far from complex and you can make a huge difference to your wireless defenses in next to no time. To help you get started, I’m going to walk you through the best practices for protecting your wireless network:

  • Use a Strong Password: Many routers come set up with a default password in place and this represents a major security risk if left in place. Lists of default passwords for specific routers are regularly circulated among hackers, so make sure you change your password to one that is strong and contains upper and lower case letters along with numbers.
  • Turn on the Router’s Firewall: Due to the security risk surrounding wireless networks, router manufacturers have been building internal firewalls into their devices for some time. Occasionally, though, these routers can be shipped with their firewall turned off and this immediately reduces your defenses. Therefore, always check that any new routers have their firewall turned on before installing on your network.
  • Edit Your Network Name: Routers broadcast their network name so that users can find and connect to it. However, many routers broadcast a default network name and this can often indicate the model of the router, so it indicates poor wireless security. However, by changing the service set identifier (SSID), you can demonstrate that your router has been set up correctly and cause potential hackers to move on.
  • Use WPA2 Encryption and not WEP: Older routers may have WEP set as the device’s encryption method, but this is a very bad situation for your data. WEP encryption can easily be cracked in minutes, so WPA2 is the only option you should be selecting as this provides excellent protection which will thwart most hackers early on.
  • Disable Remote Admin Access: To help boost accessibility, many routers provide remote admin access services. Now, while this is fantastic if your IT team need to log in to your router in the middle of night from their homes, it also offers a route for hackers to get deep into your wireless network and start changing settings. Restricting admin access purely to the local area network helps prevent this scenario.
  • Update Your Router’s Firmware: As with all hardware, updating your router’s firmware is one of the most crucial steps for protecting your wireless network. Firmware is often released to help combat potential security flaws, so it needs to be installed immediately to prevent these flaws being exploited.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

4 IoT Security Vulnerabilities You Need to Know About

Hacking, Internet of things, IOT, Network, Security, Security Threats, , , , ,
27
Feb 2018

The Internet of Things (IoT) is amazing, but it’s not perfect and, in particular, there are plenty of security vulnerabilities that you need to know about.

You can barely move without bumping into an IoT device now and, whilst this allows you to be more productive, it also means that the security risk to your organization’s network is increasing. We’ve all heard about how coffee machines can get hacked and it’s these types of stories that demonstrate the extent of IoT security concerns.

Whilst you may rely on a humble kettle rather than a fancy Wi-Fi controlled coffee machine, there are still plenty of IoT security vulnerabilities you need to be aware of. Let’s take a look at of the most important ones you should be aware of.

  1. Network Services Present a Back Door

IoT devices often come with diagnostic and debugging services built in to help facilitate troubleshooting tasks, but these are often operating on ports which are not secure. Now, maintenance services are probably one of the least likely to be secured pieces of code to be found on an IoT device, so this scenario is highly attractive to hackers. Therefore, you need to make sure that you investigate all potential security concerns on new IoT devices you install.

  1. Lack of Transport Encryption

When data is transported across the internet or your local network, it needs to be encrypted to thwart any external parties who are listening to your data traffic. However, many IoT devices fail to employ transport encryption in their data transmissions when sending data – this is estimated to be around 41% of all IoT devices. And this is why you need to make sure that your organization only works with highly secure IoT devices to protect data security.

  1. Weak Password Protection

The lack of strong password protection is a major security vulnerability when it comes to IoT devices. A good password should incorporate more than 8 characters and these should include numbers, symbols and mixed case letters – more often than not, though, these can often be nothing more than four digits such as an iPhone’s default password protection. And, as we all know, the weaker a password, the quicker and easier it can be hacked by brute force.

  1. Different Computer Languages Prevent Security

PCs all speak a common language, so getting a network full of PCs to operate on the same network in the same manner is not too big a problem. However, a smart photocopier running on a code all of its own is going to struggle to communicate effectively with the rest of your network. And this means that guaranteeing a secure connection between network devices is more difficult than ever. You also need to consider the fact that many IoT devices fail to receive regular updates, so this has the potential to be a long term security risk.

We’re all still learning about the security vulnerabilities that the IoT is bringing to the security table, so a firm knowledge of the potential pitfalls is vital. By taking note of the above you should be able to improve your security just enough to prevent being hacked.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Why Do You Need to Backup Your Data?

Backup and Recovery, Office Network, Security, , ,
31
Oct 2017

 

Backup_festival

A good business needs good data and they need even better access to it. However, not all businesses understand just how crucial access to their data is.

One of the best ways to protect your data is by carrying out regular backups of your data to ensure that copies are kept in secure storage. This ensures that no matter what happens on individual PCs or individual sets of data, there should still be a copy of the lost data ready to fill in the gap. This form of pre-emptive action can really help your organization run smoothly without the need for laborious data duplication.

So, we’re agreed that data loss is bad, but how can your data go missing? And what can the knock on effects be? Let’s take a look at why you need to backup your data.

Systems Can and Do Get Hacked

Due to a combination of human error and the devious tactics of hackers, PCs can easily fall victim to malicious software which compromises entire networks and all the data on them. And, in the case of ransomware, this data can be encrypted and only released once a ransom has been paid. However, if your organization completes regular backups then the amount of data which can’t be retrieved will be significantly reduced. This leaves you in the enviable position of not having to give in and pay an extortionate amount of money for your data to be decrypted.

PCs Are Prone to Failure

When you consider the huge number of components that make up a PC, it’s no surprise that they’re prone to failure. Sometimes this can be due to age, sometimes it can be down to someone spilling their cup of coffee over the hard drive. And when components fail or become damaged, they’re sometimes left beyond repair and all the data on that PC is unable to be salvaged. With a backup to hand, the threat of permanent data loss is minimized. Even with a backup to hand, though, we still recommend keeping coffee away from your hard drive!

Data Transfer Hard Drive Backup Connection

Your Business Needs Data

If you suffer a catastrophic data loss event then your business is going to seriously struggle. Just imagine that all your customers and providers details had been accidentally deleted or compromised – operating in this scenario would be an absolute nightmare. And if you want to get a feel for the financial damage this can cause, this report estimates that around $1.7 trillion is lost in downtime every year thanks to data loss. Hopefully this should underline exactly why a regular backup is in your organization’s best interest. 

Your Network Needs Data

While your business certainly needs data to operate, your PC network cannot operate without data. So, for example, if a network driver suddenly becomes corrupted or accidentally deleted then that can spell the end of any PC activity within your organization. And, due to our reliance on PCs in almost every imaginable industry, this is the last thing your organization needs. However, by backing up your data you’re providing a safety net that could serve to be crucial in keeping your business trading.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Do Your Ex-Employees Still Have Access to Your Data?

disable employee access, disgruntled employees, OneLogin, Security, SIEM, , , ,
19
Sep 2017

Insider_Threat

Your employees can often pose a huge risk to your data security, but what about ex-employees? Well, it turns out they may present an even bigger threat.

When employees leave an organization, it’s prudent that their network and application privileges are immediately terminated. After all, there’s no need for them to have access to your data and this is particularly important if they’ve left to join a competitor. Not only that, it presents them with an easy route for sabotaging your network. So, it’s clear to see why it’s so important to revoke privileges, but it would appear this isn’t always the case.

Research by OneLogin has demonstrated that 50% of accounts previously held by ex-employees with the power to make IT-decisions are still active 24 hours after they have left the organization. And many employees have revealed that around 25% of their employees’ accounts will still be active for up to a week. And, as you well know, it can take mere seconds to completely compromise a PC, so the delay reported by OneLogin has the potential to cause real damage.

Why Do IT Accounts Need to be Terminated Immediately?

The majority of employees who leave your organization are highly unlikely to even consider wanting to log back on to your network, but there are some who may try as soon as they’ve left the building. In particular, disgruntled ex-employees who have had their contracts terminated are likely to be looking for revenge and, of course, those who have left the business to join a local rival may be tempted to log on and steal sensitive information to give them an advantage. While these individuals are in the minority, it still represents a huge threat to your data.

Despite being a basic threat, and one that’s easy to remedy, the statistics provided by OneLogin would indicate that it’s a simple procedure which is being ignored by many organizations. And the end result of this lackadaisical approach is, as OneLogin’s poll has found, that 10% of all data breaches are believed to have been committed by ex-employees. Eliminating this security risk, therefore, can make a real difference to your overall security.

authorizedpersonnelonly

How to Prevent Ex-Employees Accessing Your Networks

OneLogin have found that ex-employees can spell trouble for your security, but what can you do to minimize the risk? Let’s take a look:

  • Create an exit procedure for IT privileges – Thankfully, most employees will give a certain amount of notice before leaving and this gives organizations plenty of opportunity to plan for their exit. Therefore, there’s no excuse for login details to be disabled as soon as that employee leaves. Sometimes, of course, employees will leave suddenly and, in these instances, IT departments need to be informed immediately to close these accounts.
  • Reduce remote access – Some organizations may have networks which can only be accessed internally, so an ex-employee may struggle to even log in once they’ve left the business. However, many organizations provide remote access to their networks and, if an ex-employee can obtain the web address to access this, they could easily connect. To avoid this, make sure that only certain login names are allowed to log on in this manner.
  • Incorporate an SIEM system – Using a security information and event management (SIEM) system can indicate employees’ activity within individual applications, so this can quickly indicate if any unauthorized access is being made. OneLogin discovered that 41% of organizations do not use this type of system, but it would appear to be crucial in protecting your data.

These approaches are simple, quick and easy, so there’s no excuse for being negligent in this area of security.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 3 4 5 6 7 9