Five Steps to Creating a Wireless Network --- Step 5
Securing your Wi-Fi® Network
Here are a few simple steps you can take to maximize the security of your wireless network and to protect
your data from prying eyes and ears. This section is intended for the home, home office and small office user.
Deploy WPA (Wi-Fi Protected Access) or WPA2
Most importantly, deploy Wi-Fi Protected Access (WPA) or WPA2. WPA is a standards-based, interoperable
security enhancement that strongly increases the level of data protection and access control for existing and
future wireless LAN systems.
Change Your Default Password
Most wireless networks ship with a default password provided by the manufacturer. Change it as soon as
possible. Most hackers can easily figure out the default password once they identify the make of your
network access point.
Close Your Network (If Possible)
If possible, block the SSID (Service Set Identifier) from being broadcast. This has the effect of "closing" your
network. Many Wi-Fi systems enable you to close the network.
All access points ship with a wireless beacon signal so that wireless PCs can more easily find them. In effect,
the signal is shouting, "I'm here! Log on!" By turning the SSID off or by "closing" your network, you make it
much harder for hackers to find you: If they don't know your network exists, there's less chance they will
spend the time to crack your communications. So, if your equipment permits you to close the network, make
sure you do so.
Change Your Network Name
Most access points ship with a default network name. When your network is up and running you should
change the name to something personal, yet hard to guess. In other words, if your last name is Smith, don't
call it the Smith network. Many companies, even large corporations, label their network with their company
name or their address. Don't do it. Be creative. A combination of letters and numbers is recommended, but
don't use your street address!
Move Your Access Point
To increase privacy, place your access point in the middle of the room, away from open windows and doors.
The more metal and wood you put in the way, the less distance your wireless messages can travel. You can
test how much of your signal is escaping from your business or home by taking your Wi-Fi equipped laptop
outside (for a site survey) and checking to see how far you can go and still make a connection. You might be
Use MAC Control Tables
Use MAC (Medium Access Control) tables if your access point supports them. Like all networking devices, a
Wi-Fi radio, has a unique MAC address coded into its memory. By using the MAC Access Control List (ACL),
you can limit the wireless connection to only those Wi-Fi radios whose MAC addresses are directly enabled in
your access point. It's like call blocking on a telephone, but for a wireless LAN. If a rogue wireless radio with a
MAC address that is not in this table tries to connect to your network, your access point will not let it.
Other Simple Solutions
There are various ways to set up your computer's directories and network to protect your stored files and
data. One way is to turn off "Sharing" and use "Passwords" to access directories holding confidential files.
Sharing and Passwords are accessed in Windows by right clicking on the directory and going to the
"Properties" command. Also see Windows Networking Tips and Secrets
Remember that most web sites that handle purchases, credit cards and other financial information usually use
encryption methods such as SSL (secure socket layer) to protect sensitive data. So most financial data
transmitted over the Internet is already encoded from the time it leaves your computer until it reaches the web
Use a VPN (Virtual Private Network)
Many large companies use VPN (Virtual Private Network) technologies for staff that need to remotely access
the company's corporate database. VPN systems also work for Wi-Fi wireless networks.
A VPN creates a virtual tunnel from your computer through the local wireless access point, through the
Internet, and then to your corporate headquarters. Even though it can be complicated and expensive, using
VPN creates an almost impenetrable wall of security for your wireless communications whether you're
working from home, an airport lounge or your company's meeting rooms.