Each day wireless data transmission technologies become more and more popular. Wi-Fi network security may be under threat, as most devices are equipped with special adapters that allow anyone to easily access it. Desktop computers, laptops, tablets, smartphones and even TVs may be incorporated into a single structure having the access to shared resources and the Internet. This is done without any direct physical connection of the device, unlike in the conservative wired networks. On the one hand, this is an advantage – no need to connect the network cable to your router, but the vulnerability of a Wi-Fi network increases, because it is impossible to determine who uses the network without special surveillance.
The signal aired by modern Wi-Fi devices can be stable at the distance of dozens or even hundreds of meters. This means that your wireless network is de facto available far outside of your apartment. Interception of network traffic, access to the shared resources, personal data, use of the Internet channel are just few of the troubles you might face due to an insufficient level of security.
Today there is a rich arsenal of tools to protect your Wi-Fi networks.
- A complex password. Access to the network can be protected by password verification. A good password to ensure reliable protection must contain uppercase and lowercase letters, and numbers. And it is better to use a random set of characters rather than a word. It is highly undesirable to use a logical structure, such as your date of birth or phone number. A complex password significantly complicates the work of any hacker – application of bruteforce programs in this case is impractical.
- Using WPA, WPA2 and WPA-PSK instead of WEP. Initially, Wired Equivalent Privacy technology was developed to provide security in Wi-Fi networks by encrypting data under a special algorithm. However, this method is no longer reliable. With the help of special programs, such as AirSnort or WEPcrack, which anyone can download, it would take about an hour to get the access to LAN with such level of protection. WPA was later succeeded by WPA2 and WPA-PSK – more advanced technologies which deliver better security. In fact, they all combine several technologies - 802.1X, EAP, TKIP, MIC - multi-level protection with a complex encryption algorithm key. They all provide for both traffic encryption and prevention of unauthorized connections. To use one of these methods of protection you need to choose the respective option in your router settings.
- VPN. Virtual Private Network is a universal technology applicable for both wired and Wi-Fi networks. After installing VPN-gateway, the users are able to share data over a secure dedicated channel. The encryption system makes the traffic highly secure and inaccessible to third parties.
- Change of SSID identifier. Service Set Identifier (SSID) is the name of identifier that ensures the work of the network. Each Wi-Fi device, such as a router or a special USB-adapter, has its unique features; among them are the known vulnerabilities. This facilitates the hacker’s work, because knowing the exact brand of the equipment hackers can resort to standard methods to bypass the protection. Hence, you need to replace the standard SSID, which often coincides with the brand name and model of the device, or better yet - prohibit broadcast of this identifier.
- MAC access. Each active piece of network equipment has its unique identifier – the so-called MAC-address (Media Access Control). Often, LAN connection is based on identification of this data. You can create a list of the allowed MAC-addresses to be granted access in router settings. Although MAC-address can be replaced with software, this method of protection is considered to be an additional obstacle.
- Reduced probability of Wi-Fi detection. Many modern devices can reduce their radio signal power. This sometimes helps making the signal inaccessible from the street. Naturally, no one outdoors will be able to connect.
- Critical data protection. The latest versions of Windows operating systems allow for encryption of files, folders or drives. Such data becomes no longer accessible on other computers as the access to information requires a special key. This is a reliable method of protection, as it can be implemented with the help of third party software.
- Firewalls. Even when Wi-Fi security is breached, you can still restrict the access to each individual device in the network. This is done by means of firewalls.
- Static local address instead of DHCP. To ensure greater level of security one should not use the “assign IP address automatically” option for each network device. Instead, it is better to manually assign the necessary data.
- Change of router access default settings. Configuration of any device enabling the work of the network can be reset to its original state (factory defaults). The access requires the address of the device, username and password. Most often, the word «admin» is both username and password. And that is the first setting to be changed.
There is no universal method to guarantee a 100% Wi-Fi protection. Security is a set of measures applicable in each individual case. Therefore, individual approach to ensure the maximum protection is the way to tackle this issue.