Boost your Wireless Security
One of the downfalls of early wireless technology (WEP) is that it suffered many flaws that allowed an attacker to gain access to your network or the ability to read the “encrypted” data stream. Since some older home devices (TiVo's, etc.) do not support WPA or WPA2 encryption, these homes may still be using this outdated encryption scheme.
WPA and WPA2
Future wireless developments led to WPA encryption. WPA was release in 2003 as an effort to overcome the major shortcomings of WEP. Although this encryption sufficed for some time, it was quickly replaced with WPA2 in 2004, which addresses the flaws and lessons learned of WPA.
Today, most new wireless access points will default to WPA2-Personal, which is considered the standard for home wireless implementations. While there are mechanisms available in WPA2 to ensure more security, it is too complex for home implementations but are commonplace in businesses and orgaizations.
One of these is WPA2-Enterprise (802.1x), which moves away from the pre-shared key method of WPA2-Personal and to an authentication and authorization model. This most commonly uses a RADIUS or Network Policy Server (NPS).
Wireless access point vendors also allow other means of connecting to a wireless network.
Cisco Meraki one of many companies that produce cloud managed access points for use in any size of environment. One of the interesting features within the product will allow authentication to the wireless network after a connecting user "Likes" the company's Facebook page.
This feature set takes advantage of the social normality of connecting to wireless access points in public. It also has synergy with brand awareness and marketing to help cost-justify the solution.
My Home W-Fi Setup
In my house I have a Cisco Meraki access point setup to use WPA2-Personal on a trusted SSID for my trusted devices and an additional guest SSID broadcasted with AP-Isolation enabled. This ensures that the devices that connect cannot see one another and keeps the traffic segmented.
AP-Isolation prevents effective use of a vulnerability scanner, for example. Businesses can take advantage of many additional advanced features such as the wireless Intrusion Prevention System (IPS). This detects and neutralizes rogue access points visible on the network.
Are you concerned about your wireless security? Let's Talk.
Author: Chad Akileh
Equilibrium IT Solutions, Inc.