Wireless Security for Business
June 08, 2015
In today’s business world, a major draw for many customers is the ability to stay connected to the outside world while outside the office. Having access to the Internet is a must to accomplish this.
In order to provide this connectivity, this typically means having a wireless network set up for your customers to use. However, it also means placing your business at a potential risk.
In one of the highest profile cases of its time in 2007, the retailer TJX, operator of stores such as T.J. Maxx, Marshalls, and Sierra Trading Post, suffered a breach with over 45 million customer credit and debit card numbers stolen. Brian Krebs of Krebs on Security contributes the breach of TJX to a wireless network being hacked and wireless security.
Outlined below are three steps that will help ensure that a guest wireless network will not put your business at risk for a breach or any other illegal action.
Three Steps For A Secure Wireless Network
1. Properly segment your wireless network
The most common mistake in wireless security comes when the wireless network is not properly segmented. All too often, a wireless router will be purchased and plugged into the POS network. This allows any user accessing the network the chance to retrieve sensitive information in the POS network.
A proper segmentation makes it so that no customer can have access to the sensitive cardholder data. Some businesses go as far as to have a separate Internet connection for its guest wireless networks. While this does completely isolate the cardholder data from the wireless network, a properly segmented network will accomplish the exact same thing.
2. Set up a white-list/filter
Even with a properly segmented network, a white-list or category filter is very important to keep your Wi-Fi safe.
For instance, if a customer uses your wireless Internet connection for illicit purposes such as to torrent music or movies, the Internet Service Provider can send the owner of the business a cease and desist letter. One way to block this access is to enable a category filter on the guest wireless network.
When using a category filter, customers are not allowed to websites that have been classified as adult, criminal, hacking, or whichever categories you wish to block. By not allowing your customers access to these types of websites, you eliminate the potential risk of the police or FBI visiting your location.
3. Disable Wireless at night
The risks of wireless do not end when your business day ends. A wireless router will continue to broadcast its wireless network through the off hours. This provides the opportunity for a passerby to be able to log into the wireless network.
While this may occur with good-natured intent, it is possible that the connection will be used for malicious purposes, as well. Even with the above wireless recommendations in place, it is possible to use a wireless connection in a secure manner, but with illegal consequences. One instance of this would be for a person to create an anonymous connection to the Internet in order to transfer money for illegal purposes. With this in mind, a store front could become a hive of illegal activity at night.