by Anne Reily, Founder and CEO of PaycheckPlus
Providing Wi-Fi access to your customers and employees can be good for business. Customers tend to seek out free Wi-Fi, which cafés have been using to their advantage for years, and employees can do their jobs more efficiently with wireless access. However there are severe risks for businesses when providing Wi-Fi if not implemented correctly (e.g. Payroll data security can be compromised). To help secure your company network the following questions and, if necessary, their proceeding steps should be tackled by your business.
1. Are your employee’s unsuspecting security risks?
Many IT security firms identify “people” as the main security threat to business IT networks. Without the correct training, vigilance and IT processes in place, employees can easily and unwittingly compromise a business network. For example, if an employee is an unaware victim of phishing then everything they do on their device can potentially be seen and when they access their work Wi-Fi then the risk to the business can be significant. And phishing via Wi-Fi is a relatively easy task for hackers. Picture this: a staff member is working on the road, stops into a café to do some work on their laptop; he/she connects to an open network that appears to be that café’s wireless network and then proceeds to try gain remote access to their company’s resources. Their username and password along with the address that they intended to gain access to have now been seen. The host of the fake Wi-Fi access point now potentially has access to the business’ resources and the network is compromised. The correct staff training, vigilance and IT processes can help reduce this security risk.
2. Do you have appropriate access restrictions to your business Wi-Fi network?
Businesses can attract more customers by providing public access to their network – free Wi-Fi can be good for business. However having employees on the same open network could be bad for business as they’re open to packet sniffing and phishing attacks. Because of this hackers could potentially gain sensitive business data through your public network.
Enabling private access to the network for employees will improve your network security as access will be password protected. However passwords can be guessed, transferred, phished, etc., and the network itself could be brute force attacked. If your business does have a wireless network, be sure that the data that can be accessed on the network is not business sensitive.
3. Is your router locked away?
This is an obvious one but it’s worth mentioning as many security features on routers can be overcome by simply resetting the system. So make sure that your router is under lock and key or at least be sure that access to it is restricted.
4. Are you still using the default router password?
This is another simple one but one that could be easily overlooked. By doing a quick search online you can easily find the default login details for routers. Did you know that Samsung’s AHT-E300 router’s default username and password is “admin” and “password”? So if you’re using default login details for your router, now especially Samsung’s AHT-E300 router, be sure to update them. And make sure you use a complex and unique password to make unwanted access more difficult.
5. Is your router software up to date?
Tech companies providing routers regularly release updates to software. These updates can improve security and protect against the latest viruses and attacks. By keeping your router software up to date you are ensuring to the best of your ability (and the ability of your router provider) that your router will not be the weak point of your network.
6. Does your business really need Wi-Fi?
If providing Wi-Fi is not crucial to your business and you have sensitive data to protect then I suggest not providing Wi-Fi. The risks may be too severe. But every business is unique and each business will need to do a “risk vs reward” trade-off analysis when choosing whether or not to provide Wi-Fi. And if your business is already providing Wi-Fi I suggest restricting access, keeping sensitive data off the Wi-Fi network and training your staff to ensure that they don’t put your network at risk.
Your Wi-Fi can be good and bad for business – secure your Payroll data