Many small businesses don’t have dedicated technology staff to install, configure and update their networks and the job is often left to somebody who may not have had formal training.
While networks make it easy to share information within the office and with others, an improperly configured network risks allowing outsiders to disrupt your business activities or steal data.
Here are six essential steps for protecting your business network.
1. Change the defaults
An important first step when setting up a network is to change the default password for your router. A router’s default password is usually published on the manufacturer’s website, making it easily discoverable by would-be attackers. Choose a new, strong password that is at least eight characters long, difficult for others to guess, and isn’t re-used for any other service your business uses.
It’s also wise to disable ‘remote configuration’ of your router. Disabling this feature ensures your router can only be managed from a computer within your network rather than from a person logging in from the internet.
2. Hide your network
Your office network has a name, known as an SSID. These are the network names you typically see when you’re travelling, or are in a public place, and looking for a Wi-Fi network to connect to.
Limit the ability for unauthorised users to find or access your network by disabling the SSID broadcast. You’ll need another way to communicate the name of your wireless network to new users – perhaps you can simply tell them.
Find the ‘disable the SSID broadcast’ option in your router’s settings.
3. Protect your data
To prevent unauthorised access to your networked files, wireless communications between the computers on your network should be encrypted. Encryption scrambles your data so only the devices that are authorised to use the network can read it.
Setting up encryption on your network is usually done through the ‘Wireless Security’ settings on your router. It typically involves selecting the type of encryption for your network, and creating a network password or key.
WPA2 is currently the most secure type of encryption for small business and home routers, provided it is combined with a strong password. Users are asked for a password when connecting to the network for the first time, but won’t be asked on future occasions.
Less secure encryption options such as WEP should only be used on older routers where WPA2 (or WPA) is unavailable.
It’s a good idea to regularly change your network password. Doing so will prevent staff members that have left the business from having ongoing access to the network.
4. Create a guest mode for visitors
When guests pop in to the office – be they temporary staff, contractors or friends – it’s common to offer them network access so they can use the internet. Look for options on your router that offer visitors access without granting access to other network resources such as servers or printers. Most routers call this ‘Guest Access’.
Modern routers can usually create a separate network that gives connected devices access to the public internet but nothing else. You’ll find these options within your router’s wireless security settings.
5. Turn off features you don’t use
Modern routers come with a range of features. Services like FTP, UPnP and WebDAV are useful for specific applications. But if you don’t need these services, don’t turn them on.
Each enabled service is a potential opportunity for unauthorised users. It’s what security experts call the “threat surface” and the best approach to data defence is to make that surface as small as possible.
6. Keep an inventory of approved network devices
It’s good practice to maintain an inventory of approved devices and update this list any time a device is added or removed from the network. Regularly comparing your network against this list and removing access to devices that are unknown or not approved will improve the security of your business.
General Advice Disclaimer
This article contains general advice only, which has been prepared without taking into account the objectives, financial situation or needs of any person. You should, therefore, consider the appropriateness of the information in light of your own objectives, financial situation or needs and read all relevant Product Disclosure Statements before acting on the information. Whilst every care has been taken to ensure the accuracy of the material, Paradigm Strategic Planning or Sentry Advice Pty Ltd will not bear responsibility or liability for any action taken by any person, persons or organisation on the purported basis of information contained herein. Without limiting the generality of the foregoing, no person, persons or organisation should invest monies or take action on reliance of the material contained herein but instead should satisfy themselves independently of the appropriateness of such action.
Paradigm Strategic Planning Pty Ltd is an Authorised Representative of Sentry Advice Pty Ltd AFSL 227748