Archive for the ‘I.T. Security’ Category

Is Your WLAN Secure Enough for Business Applications?

WLANs (Wireless Local Area Networks) have led to convenient workplace productivity while on the go within the institution as well as within the common home. While this mobile technology has been helping businesses and households alike, a common threat remains. One major threat is commonly known as “middleman” interception. Along with the threat of interception of valuable data by a third person or program, there also lies the common threat of viruses and malware installations that can take place as well.

WLANS use radio waves to transmit data, because of these radio waves it is not an unconceivable threat for a cybercriminal to use a receiving device to gain access to your computer files or upload malicious hacking, virus, or spyware programming. If you work from home at times, these programs can go viral and attack other network systems that you later become in contact with in respects to your computing device including your own business network.

What this could mean to you as well as your network include identity theft (yourself and customer database), server destruction, network shut downs, and more ugly scenarios. The shocking statistic is that more than 60% of WLAN users are unprotected entirely!

By following some of these tips you can better help protect your computing devices from becoming ticking time bombs. Security in a wireless age is nothing short of a necessity. These tips should be implemented immediately in your office and place of business or you may one day soon face dire consequences.

Security Tip 1 - Make sure all administrative passwords on your wireless routers and your access points are secure. The best way to secure passwords is to create your own passwords using a combination of lowercase and uppercase letters (don’t spell things), numbers, and symbols of at least 10 key strokes. Do not share your passwords, do not use birth dates, and if possible … change your passwords every month.

Security Tip 2 – Make sure you have enabled 128-bit WEP encryption at the minimal on all devices. Make sure your WEP keys are changed tri-annually. While this security level is considered minimal, without at least 128-bit WEP, you are an easy target.

Security Tip 3 – On your access points and routers use password like user names that are complex and uneasy to guess on your default SSID. The security keyword is “default”. Make sure you have your computers point to the SSID as your default.

Security Tip 4 – If available on your router equipment and computers, make sure that the settings are set to not broadcast your SSID.Security

Tip 5 – Have all wireless cards installed on computers set to allow only access to access point networks. This also means no P2P access! Have all  anonymous requests and pings blocked ASAP.

Security Tip 6 – Make sure you have MAC filtering enabled and allow only MAC addresses that are registered to your network.

Security Tip 7 – Make sure the routers are firewall enabled. Firewall on computers can help as well.

Security Tip 8 – Make sure your router’s firmware is always up to date. Firmware often will tackle additional security risks so it is imperative to have this updated as often as possible. Weekly at the minimum.

Security Tip 9 – Reduce the temptation of wrongdoers by weakening your WLAN signals outside of your premises. This is most easily done by having the routers away from windows and enclosed within walls of your building.

For network Internet connectivity for businesses visit our business Internet page at http://topsavings.net/business-internet-phone/internet/

I.T. abuse is a common workplace problem that can cost an organization bandwidth costs as well as risk the overall security of private data. Here are some quick tips to help prevent such information technology abuse in your enterprise.

Get enterprise bandwidth quotes and save while receiving redundant connectivity from top tier providers. Get your business Internet quote by clicking here.

1. Discuss with employees what is acceptable workplace use of company Internet, cell phones, landlines, etc. Training may even be necessary to keep your employees informed of acceptable business practices for security.

2. Keep all employee passwords complex and change them every so often to keep the password not so memorable, even within your own organization. Make sure you have a policy and contract put together for all employees with access to communications,  even the secretary with simple web access.

3. Consult with a state lawyer on your employees privacy rights and what is acceptable monitoring on behalf of your organization then put into place whatever software and security hardware necessary within the law to enforce your policies.

4. Keep hardware under physical security and limit access to server rooms, PBX, etc.

5. Expect hostile breaches and plan out maps for what to do if such breaches occur.

6. Segment company data to specific departments and allow access to any data on a need to know or use basis period.

7. Discuss with managers and human resource officials the potential threats of disgruntled employees. Create a reporting system to monitor such threats.

8. Destroy all passwords and access usernames the day any employee leave the company.

9. Make sure all computers and systems are protected against spyware, malware, and viruses with the appropriate software.