WiFi security: 10 wireless security basics to secure your network
WiFi as we know it was created a mere 20 years ago. Today, you’d be hard-pressed to find a corner of the world untouched by wireless internet, with billions of people accessing it daily to work, connect with friends, shop, and everything else imaginable. However, with the convenience of wireless internet comes risk, especially for users of wireless internet. That’s where WiFi security comes in.
Wireless security, which includes encryption algorithms and other security protocols to protect data being sent over WiFi networks, plays an important role in our internet-obsessed society.
The advent of WiFi has led to a swath of opportunities for criminals, and WiFi security is one of the main preventive measures in place to help mitigate cybercrime.
This article will include five reasons why having a secure wireless network is crucial to protecting your data, as well as 10 important steps you can take to optimize your own WiFi security.
But first, what exactly is wireless security?
What is WiFi security?
Wireless security in a nutshell is the whole package of measures taken to prevent cybercriminals from accessing the data you put online — whether it be your credit card information (or that of your customers), biometric data, voting records or any information stored on a computer that can access the internet.
WEP, WPA, WPA2 & WPS
You may have seen WEP, WPA, and WPA2 before, but did you realize that these acronyms stand for different wireless security encryption measures?
WEP (Wireless Equivalent Privacy) was the earliest iteration of Wi-Fi security, but was found to have a major vulnerability that made it obsolete after several years.
Similarly, WPA (Wireless Protected Access) had inherent issues that led to the creation of WPA2.
WPA2 is still being used today by entities like the U.S. government, so it’s clearly a strong Wi-Fi security measure.
WPS stands for “WiFi Protected Setup”, and is an eight-numeral code generally found on the bottom of your router. It acts as another entry point to your router’s WPA/2 wireless network. Unfortunately, this code can be brute-forced by hackers, so most companies and individuals aware of this particular vulnerability turn their WPS function off if possible.
Is my WiFi security secure enough?
For the average person, a combination of WPA2 wireless security plus caution while navigating the depths of the internet should be enough to keep their private data out of the hands of criminals.
For businesses, it might not be.
Companies operating online have a lot more money and resources tied to the internet, making them prime targets for crime (read about the biggest data breaches of 2018 if you’re curious what havoc a malicious attack can do to a company and their public perception).
Related: Security breaches: What is the Meltdown vulnerability?
If you’re operating an eCommerce company or an online business, you must have strong web security tools in place — otherwise you put everything from your reputation to your bank account at risk.
5 reasons you should secure your wireless network
There are many reasons everyone — from mega corporations to your technologically illiterate family members — need to consider strengthening their WiFi security. McAfee published a study in February 2018 that claims cybercrime cost an estimated $445 billion to $608 billion to the global economy in 2017.
Those numbers will only continue to increase, as business continues its steady march toward digital commerce.
If you’re here, you already have an idea of wireless security’s importance. But in case you (or others) need further convincing, here are the five key reasons you should fortify your WiFi now rather than later, so you don’t end up contributing to a future McAfee cybercrime report.
1. WiFi is less secure than wired networks
Much of the data on the internet is insecure, and wireless networks are inherently less secure than wired internet connections. This is simply due to the way WiFi operates. Whereas WiFi routers broadcast radio signals that can potentially be picked up by anyone within range, wired internet requires a physical connection (usually via ethernet cord).
While wireless security encryption standards like WPA2 help mitigate this, they’re still fallible (as you’re about to find out). If you let your guard down even for a moment while using WiFi, you put your data and privacy at risk.
2. WPA2 isn’t enough by itself
The constant push-and-shove between malicious hackers and honest engineers will probably never end. The WiFi security gold standard, WPA2, has been proven to be exploitable, and this development should be a major concern for everyone who uses the internet, since most devices we use today were built for WPA2.
Kaspersky, a global cybersecurity company, conducted a study with 32 million users in 2016 to see which iteration of WiFi security its customers were using, and found 68% to be on WPA2. The recently discovered vulnerabilities with WPA2 make this number concerning, although WPA2 updates and the gradual rollout of WPA3 leave room for optimism.
Regardless, it’s important to secure your WiFi network with a variety of measures, because WPA2 alone isn’t enough WiFi security to keep your network from becoming compromised.
3. Protect your data
The internet may be convenient, but with its convenience comes risk. Much of that risk involves the submission of private data on websites. For instance, buying an international airplane ticket requires your passport number and credit card information. Even resetting your online bank account password can require your social security number.
When a hacker finds a vulnerability on your computer, they can use it to not only access your files, but also to monitor your every movement online.
If you’re typing valuable information onto any website, they can see it. Taking the right steps toward better WiFi security can reduce the chance your computer (and data) is exploited.
Related: 10 tips on how to secure a website
4. Legally safeguard yourself
If someone else accesses your wireless internet and starts using it to perform illicit activities, you could find yourself in legal trouble. Whether you’re a private internet user or operating a business, you can face serious litigation (or at the very least legal hassle) for unwittingly allowing a hacker to use your ISP address to break the law.
5. Save money
Many internet data plans involve a pay-as-you-go system, and impose limits that can be very costly to exceed. Unauthorized users can quickly rack up a huge bill by just downloading movies or games — and that’s if they aren’t doing anything more malicious like sniffing around your computer for credit card information.
WiFi security basics: 10 tips for securing your network
As an individual, ensuring you have a secure wireless network could be the difference between living hassle-free and becoming embroiled in a hugely inconvenient case of identity theft. As a business owner, it could be the difference between keeping things running and having to shut your doors for good.
Follow these 10 WiFi security tips to build a secure wireless network, so you can prevent potential cybercriminals from causing you substantial mental and monetary stress
- Update your firmware.
- Never admin wireless and disable remote access.
- Use HTTPS.
- Modify defaults.
- Use WPA2 or WPA3 (if available).
- Use AES over AES/TKIP.
- Set a strong wireless password.
- Change your password.
- Enable your firewall.
- Keep your router away from the window.
Note: Depending on your router’s manufacturer, some tips/suggestions might not be possible.
1. Update your firmware
Humans are fallible, and so is the technology they create. That’s why manufacturers are constantly striving to update and patch their products as loopholes and vulnerabilities are discovered (hopefully by their internal team, instead of by outside forces).
Getting the latest firmware installed on your router should patch any glaring WiFi security holes, and might even make your WiFi run better.
Visit the manufacturer’s website for more information about firmware updates, and see if this is something that you can quickly do in the event you’re running an outdated version.
2. Never admin wirelessly and disable remote access
Whenever you want to perform admin functions on your router, be sure to connect your computer via ethernet cable rather than using a wireless signal.
This limits the amount of access a successful hacker receives in the event they figure out your password.
If possible, disable the remote management option in the router’s configuration. This option should be available in your admin control panel.
3. Use HTTPS
HTTPS encrypts data being both sent from and received by a website. It’s not only good for internet users, but it’s important for businesses too, and acts as a sign to anyone who visits your website that you’ve taken certain measures to protect them from malicious activity.
If you’re not quite sure how to get HTTPS, you can purchase an SSL certificate (generally from a web host) and then install your certificate to receive the HTTPS designation on your website.
Related: Paid and free SSL certificates? What you need to know
4. Modify defaults
The path of least resistance dictates that humans will take the easiest route necessary to reach a desired outcome. Unfortunately, that means a lot of people end up leaving their defaults “as is” when they set up their wireless network.
Use a robust password of at least 10 characters with numbers, upper case/lower case letters, and special characters. Update your host name, which by default usually describes the model and/or make of your router, to something unique.
Also, some routers will have WPS (WiFi-Protected Setup) as the default. WPS should be turned off, since it’s easily the biggest vulnerability of a WPA2-operating router.
Lastly, change your SSID, because it is another default that signals to hackers exactly what type of router you’re using. Certain routers have particular vulnerabilities, so there’s no reason to help out ne’er-do-wells by proclaiming the exact type of router you’re using to broadcast WiFi.
5. Use WPA2 or WPA3 (if available)
Anything less than WPA2 (WPA, WEP) is simply too easy to crack. WEP is legacy encryption, and can be exploited in minutes by an industrious hacker. If WEP is your only option, it’s time to upgrade your equipment.
WPA3 is being gradually rolled out, but is not available on most devices yet, and may take years to become a ubiquitous part of WiFi security. The only thing better than WPA2 that’s widely available at this time is WPA2 enterprise, but most routers don’t support this option.
6. Use AES over AES/TKIP
When given the choice, select AES (Advanced Encryption Standard) as the exclusive encryption method for your router. The AES/TKIP option is not ideal because your router will sometimes switch between AES and TKIP (Temporal Key Integrity Protocol), and TKIP has been proven to be exploitable.
7. Set a strong wireless password
When it comes to passwords, the longer and more diverse the better. The maximum password length for WPA2 is 64 characters, in case you want to stretch it out a bit.
Again, remember to use upper and lower case characters, numbers, letters and special characters to strengthen your password. Also, never use a word that can be found in the dictionary, because these can be deciphered faster by hackers via dictionary attacks.
Related: 10 best practices for creating and securing stronger passwords
8. Change your password
Changing your WiFi password regularly will improve your overall wireless security. The more often the better, but every 30 days is a good starting point if you’re serious about securing your network.
Try using a password manager to simplify the process, and to help remind yourself of the need to change passwords on a more frequent basis.
9. Enable your firewall
All routers have hardware firewalls built into them — be sure yours is on, as it protects your computer from unauthorized incoming internet traffic that could potentially harm your devices. You can check the status of your router’s firewall while operating from the admin of your router.
This is a vital part of a secure wireless network.
10. Keep your router away from the window
Wireless internet works through the broadcasting of radio signals, so one of the more practical steps toward stronger WiFi security is to make those radio signals harder for people outside of your business or home to access.
Make sure the range of your router’s signal is no longer than it needs to be — there are ways to make these adjustments on your own if you’re worried your signal range is overextending itself.
Conclusion: Be proactive, not reactive, about WiFi security
The importance of wireless security and having a secure wireless network to protect you from the dangerous actions of cybercriminals cannot be overstated. Hackers are too savvy (not to mention numerous), and they’re on the constant lookout for any vulnerability to exploit.
By taking the necessary steps — such as creating new, complicated wireless passwords on a regular schedule, modifying your defaults, and keeping your router’s firmware up to date — you’ll be able to better keep you, your loved ones, and/or your business protected from those looking to abuse your privacy and steal your assets.
Are you ready to take another step toward enhancing the wireless security of your website?
GoDaddy’s suite of web security tools can help get you there. Keeping your web properties safe from negative outside forces is a challenge, but embracing the best WiFi security practices and exploring proactive software solutions is a good start.
Image by: Jadon Kelly via Unsplash.