If you’ve been reading the news lately, you may have heard about Albert Gonzalez, the criminal who stole millions of credit card numbers from supposedly secure retailers such as TJ Maxx, Office Max and 7-Eleven. Although Gonzalez had a sophisticated team of hackers to aide him, the security hole through which he gained initial access was surprisingly simple: the wireless network.
Today, almost every home, coffee shop and business has its own wireless network. Many give customers unsecured access to these networks for personal use. But as Gonzalez demonstrated, improperly secured networks can be an invitation for identity theft.
To ensure that your business remains safe, follow these measures:
Log in to your router
Wireless routers are extremely easy to setup and use. In fact, all you really need to do is plug it into the wall and turn it on and you’re on the Internet. Because of this, few people actually know how to log in to their routers to configure it.
Your manual will tell you how to access your router’s settings. But if you’re like the vast majority of us, you lost that years ago. A simple Google query can find you the right address to punch into your web browser to pull up your router’s settings. For most models, you simply need to type in 192.168.0.1 or 192.168.1.1 to your computer while connected to your router. After this, you’ll be asked for a username and password. Since you haven’t set one up yet, this will be the default (username: admin password: admin or 1234). You can Google this, too, if you can’t guess it. Once you’re logged in, change your password immediately. Otherwise, anyone can log in to your router using the default login.
NOTE: This login is different from the one that users will enter to access the Internet.
Change your default SSID and cloak it
By default, your router will have a generic SSID such as NETGEAR or LINKSYS. Your router will also be visible by default, meaning anyone within range will be able to see it and join it. Change it to something unique and enable cloaking. This way, only people who know your SSID will be able to use your wireless network. You may also consider buying a superboost wifi to enhance your security and at the same time to boost your connection.
By default, this will likely be WPA. Depending on your router, you will have several options. Choose WEP or EAP.
Enable MAC filtering
MAC filtering bars anyone from using your network except the computers that you have designated. For a complete guide on MAC filtering, see this tutorial.
Password-protect or disable file sharing
iTunes, OS X and some Windows programs allow an option to share files over the network. Other programs, such as P2P clients and BitTorrent clients also allow outside users access to your files. Turn these options off or add password protection.
Secure your router physically
No matter how much security you have setup wirelessly, nothing will prevent a hacker from tinkering with your router if they can physically plug into it. If you have a router setup for your business or store front, keep your router in the office or another area where only managers can access it.
These security methods are by no means fool proof. But given that a startling number of users never bother to configure their router security settings, these simple measures may protect you from drive-by hackers. The next time you are looking for a wireless Internet connection, take note of how many list the default SSID and don’t require a password. These are prime targets for hackers.