Since the global WiFi protocol, WPA2, was hacked in 2017, we’ll go through some important security awareness stats and recommendations for using wireless networks, and the devices that connect to them, for business purposes.
Assume that everything we do on a wireless connection is open for all to see.
Business owners will want to ensure they are covering their bases and have policies in place to fulfill legal and regulatory steps to secure their business and their client’s information are safe when their people are using internet for company transactions.
Which wireless option is the most secure?
Sending or receiving sensitive information on wireless should be avoided at all costs. How insecure? A medical facility sending patient information via plain text email, for example, is completely hackable. The data could be easily seen and scooped up without anyone noticing.
Does the clinic doctor carry a laptop with them? Do they now connect to a secured, physical line in the exam room to ensure your patient data is not accessible? Not likely. Does the restaurant you eat at now take you to a special corner to make your payment via a secured, physical line instead of the wireless device? Probably not.
People are people. Users still prefer selecting the nearest WiFi network available to them, rather than “using up their data” on the cellular network. This includes people who have their data paid for by their employer!
Interestingly, cellular networks are more secure than your average WiFi network. Why? Cellular providers take advantage of encryption that protects their users which, of course, is in that company’s best interest. However, if more users casually select the nearest open WiFi connection, they’ve already failed at step 1. Awareness and training are a necessity in this new technology landscape, and we don’t mean a one-time reminder.
Consider Lessening the Impact
Most businesses will have a secured company WiFi connection and a Guest Network. Consider separating the business traffic from the guest traffic exclusively (and we’re not just talking separate SSID’s).
Despite taking necessary steps, there will ultimately be times where an infection takes place, requiring you to execute the steps in your post-breach plan.
If you’re a business owner with concerns around security, your business lacks a pre-breach & post-breach plan or you’re interested in user awareness training, please reach out to ActiveCo Technology Management for a conversation.