business.com receives compensation from some of the companies listed on this page. Advertising Disclosure

Home

How to Secure Your Business's Wi-Fi Network

Leah Zitter
Leah Zitter

One way to protect your Wi-Fi network from cybercriminals is to properly secure it.

Using an unsecured business Wi-Fi network is akin to leaving your tangible business assets unprotected. With Wi-Fi, you send and receive digital information over a wireless network. With an unsecured network, you allow anyone within range of that signal to interfere with or hijack valuable business data such as your confidential emails, bank account information and passwords.

Never has the danger been more acute than in our current work-from-home environment. Research from Allianz found that cyberattacks have become the biggest risk for companies, with tens of thousands of business websites hacked each day, and cyberthreats are expected to double by 2025. Just as you want maximum security for your physical assets, you should prioritize security for your business data.

What are the risks to your wireless network?

Smart criminals use an array of cyberattacks to gut your business information. Wireless signals can extend 150 to 300 feet indoors and up to 1,000 feet outdoors, so anyone with a wireless-enabled device, such as a laptop or smartphone, can hijack your connection and infiltrate your business system. Outside, criminals can use a wireless device – sometimes a powerful antenna – to locate unsecured wireless networks.

Then, there's the so-called "evil twin" attack, where sophisticated adversaries fool you into connecting to and conducting your business over their Wi-Fi network. If you work on unsecured public networks, cybercriminals can "sniff" your business communications with special hardware or software – or, simpler still, look over your shoulder as you use your company device. Hackers could even walk away with your device if you leave it unattended in public, gaining unrestricted access to your sensitive information if you don't have strong password protection.

TipTip: Conduct a cybersecurity risk assessment to identify any security gaps that cybercriminals may exploit.

How to secure your network

Take these steps to ensure the security of your wireless network.

1. Create a strong password.

The oldest standard for security networks is WEP (Wired Equivalent Privacy), which might stop a casual hacker but is rather easy to break. The strongest standard of all is the recently released WPA3 (Wi-Fi Protected Access 3), which offers the Wi-Fi Enhanced Open mode for increased security on unsecured networks.

You could also choose WPA3 Enterprise mode (WPA3 ENT) with a RADIUS server that requires login information for each employee. To increase the security even further, you can reinforce the tool by creating a strong password that contains uppercase and lowercase letters, numbers, and symbols. Create different passwords for your personal and business devices.

2. Hide your service set identifier (SSID).

Another step to secure your Wi-Fi network is to change or conceal your SSID. This SSID, or your Wi-Fi network name, is listed among other local networks on your wireless-enabled device. Consider changing its name to one that deters or misleads would-be hackers.

Another option is to remove your SSID from that network list altogether. You certainly should disable that SSID in public settings when anyone with a wireless access point can pick up your signal.

3. Use MAC authentication.

Media access control (MAC) authentication allows only certain devices to access your wireless network. You could set up separate networks for public and private use. Your public network would be a low-security network, while your private/business network would have maximum security.

You may want to subnet your Wi-Fi into "private" and "public" modes to reduce congestion, organize your system and track activity.

Additional cybersecurity steps

In addition to securing your Wi-Fi network, take these measures to protect your entire network.

Activate firewalls, install antivirus software, and back up your data.

Firewalls prevent unwanted traffic on your device. Activate firewalls on your computers and routers to protect your business data. Some companies use software scanners, like Vistumbler and Airodump-ng, to scan the airwaves in their offices for unauthorized Wi-Fi signals.

Reinforce these protective measures by installing the latest antivirus and anti-malware software to protect your computers against viruses and malware. Our picks for the best antivirus and internet security software include Kaspersky, Bitdefender and Avast. You should also back up your data, store copies of it in different caches and in the cloud, and automate data backups. [Learn more about how firewalls and antivirus software can protect your network.]

Use a VPN.

Virtual private networks (VPNs) are paid services that divert your traffic to an encrypted private network. The best of these are no-log VPNs (which means they don't store or sell your data), use 2,048-bit or 256-bit encryption, and contain the latest version of the OpenVPN protocol. They should be fast, local and reliable.

All of the best business VPNs come with advanced security, such as DNS leak protection and a kill switch, for public Wi-Fi hotspots. They're also user-friendly and compatible with many browsers and devices.

FYIFYI: There are many highly rated business VPNs. You can learn more about some top options in our review of NordVPN, our ExpressVPN review and our review of PureVPN.

Critics say Tor browsers are better than VPNs for transmitting extremely sensitive business data, particularly for receiving and transmitting this data in countries with strict internet censorship. That's because the free Tor browser reroutes your traffic over various internet points, thoroughly obscuring your identity and making it impossible for others to invade your network.

Secure your router.

Now that you've secured your network, you should also secure access to your wireless router. These come with either no password or a simple default password that criminals already know, so your first step is to set a unique, strong password. Keep this admin password confidential. Also, make your router password different from your network password.

TipTip: When it is not in use, hide your router to prevent it from being stolen.

How remote workers can practice safe wireless activity

More workers than ever are now working remotely. Gallup research shows that half of today's employed U.S. population works remotely. With so many people working outside the office, businesses must ensure their remote employees aren't working in unsecured cyber environments.

For safer business practices, advise your employees to buy their own routers or modems instead of renting. People who work from home should secure their router's admin credentials in a password manager like LastPass. Passwords should be complex and changed periodically. Networks should contain only relevant connected devices, and workers should ideally employ WPA3 security standards.

Bottom line on Wi-Fi network security

The state of your Wi-Fi network can be the difference between your business's success and failure. Cybercriminals can penetrate your business network in many ways, and research shows that those attempts will double and increase in sophistication over the next five years.

You should protect your wireless network by creating strong passwords and changing them periodically, activating firewalls, frequently backing up your data, installing antivirus and anti-malware software, using a VPN or Tor browser, and creating separate public and private networks.

Image Credit: jacoblund / Getty Images
Leah Zitter
Leah Zitter
business.com Contributing Writer
Leah Zitter PhD is a trained journalist who covers emerging technology across more than 60 industries. Her PhD is in Behavioral Neuroscience which beautifully intersects with the AI/ ML topography. Clients include Google, AWS and Microsoft.