
Archive for April, 2010

Can you be used as a pawn?

Tuesday, April 20th, 2010

 By Douglas Pitcher, e-Management

Today, as the lines between home and work computing continue to blur, organizations need to be concerned with their employees’ security practices on their home wireless networks. The last thing you want is for a hacker to compromise an employee’s computer via an under-secured home wireless connection, and then quickly and efficiently travel down that handy remote user Virtual Private Network (VPN) tunnel straight into your business’s network. Not surprisingly, IT managers are now deploying training on wireless security, specifying wireless router hardware and/or configuration settings, and in some cases, providing firewall/VPN endpoint appliances (managed from the data center) for key employees’ in-home use. Educating employees on the secure use of wireless home networks can be as simple as reviewing the practices of “SAFE WIFI.”
SSID Broadcasting “OFF”
Activate WPA2 encryption and authentication
Firewalls (and especially proxy-based firewalls) are best
Employ strong passwords

Web controls
Inactivate “automatically connect to non-preferred networks”
Filter MAC addresses “ON”
IPSec VPN as remote connection to the office

SSID broadcasting “OFF”
There is really no reason to broadcast your home wireless network SSID. Liken it to the risk you take when you put a sign outside your house with not only your last name, but the first names of all who live there. In providing your name and address, and given the ease by which criminals can obtain additional information about you on the Internet, you make a good identity theft target.

Activate WPA2 encryption & authentication
You have three standard choices for securing your wireless communications. They are, in order of increasing security: WEP, WPA, and WPA2. Of course, you could also choose not to enable any of these, and then all it would take is someone with the right “tuner” to pick up your radio signal and “listen in” on all of your communications; or worse yet, to use your wireless signal to hack into your computer and other connected networks. WEP provides very little protection. On the other hand, WPA and WPA2 offer encryption for the initial negotiation as well as the later communication packets, with WPA2 offering stronger encryption. It is generally thought that this encryption is likely to be hacked at some point in the future, but for today’s home user, it’s a good security option.

Firewalls (and especially proxy-based firewalls) are best
More and more, we are seeing firewalls employed in home networks as an effective way to beef up security. Check to make sure that your wireless router has firewall capabilities, or better yet, add a firewall device in-line for better security. Looking to tighten the wrench one more turn for increased home network security? Then, your firewall should offer “proxy-technology” for true application layer security—a step above standard packet filtering.

Employ strong passwords
Today’s strong passwords are at least 13 characters long and use upper case, lower case, numbers and symbols; they use nonsense words and have no direct connection to the user. Examples of strong passwords would be:
“When U W1sh upon a St@r” or “Yr10Mth03ihtcts4us” (Year 2010 Month 03 i have to change the scheme 4 us)

Web controls
Today’s cyber attackers aren’t just adolescent pranksters. Hackers include organized crime, and it’s big business. Their tactics are sophisticated and they make special efforts to get victims to go to phony web sites that look real. Once there, they get you to enter personal information so that they can steal from you directly. Given today’s environment, it just makes sense to limit where you and family members visit on the Internet. Limiting Internet activity to known good areas will help you to achieve a secure home network.

Inactivate “automatically connect to non-preferred networks”
Another way that criminals can gain access to privileged information and then use it to hack into your wireless network is by setting up a rogue access point. In other words, they place an access point in range of your home and then try to get you to log on to the rogue AP. Usually, if they can reduce the signal of your wireless router enough, and you have “automatically connect to non-preferred networks” activated, then you will likely connect to the rogue without even knowing it. Therefore, to reduce threats from rogue access points, you need to inactivate this setting.
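
The rogue access point scenario above can also be watched for from the defender’s side. The following Python code is an added example, not part of the original post: it compares Wi-Fi scan results against what is known about the home network and flags look-alikes. The network names, hardware addresses (BSSIDs), signal values, and the assumption that the rogue reuses the home network’s name are all constructed for illustration.

```python
# Added example (not from the original post): flag possible rogue access
# points in Wi-Fi scan results. All names and values here are constructed.

SECURITY_RANK = {"OPEN": 0, "WEP": 1, "WPA": 2, "WPA2": 3}

# Hypothetical record of the home network and the router known to serve it.
TRUSTED = {
    "HomeNet": {"bssids": {"00:11:22:33:44:55"}, "min_security": "WPA2"},
}

# Constructed scan results: (ssid, bssid, security, signal strength in dBm).
SCAN = [
    ("HomeNet", "00:11:22:33:44:55", "WPA2", -71),   # the real router
    ("HomeNet", "66:77:88:99:AA:BB", "OPEN", -38),   # same name, louder, open
    ("HomeNet", "CC:DD:EE:FF:00:11", "WPA2", -80),   # same name, unknown radio
    ("CoffeeShop", "12:34:56:78:9A:BC", "OPEN", -60),
]


def find_rogue_candidates(scan, trusted):
    """Return [(bssid, [reasons])] for entries that use a trusted network
    name but do not match what is known about that network."""
    # Strongest signal heard from a known router, per trusted SSID.
    known_best = {}
    for ssid, bssid, _sec, dbm in scan:
        if ssid in trusted and bssid.upper() in trusted[ssid]["bssids"]:
            known_best[ssid] = max(known_best.get(ssid, dbm), dbm)

    findings = []
    for ssid, bssid, sec, dbm in scan:
        profile = trusted.get(ssid)
        if profile is None:
            continue  # not one of our network names
        reasons = []
        unknown = bssid.upper() not in profile["bssids"]
        if unknown:
            reasons.append("unknown BSSID")
        # A known BSSID can be spoofed, so check security on every entry.
        if SECURITY_RANK.get(sec.upper(), 0) < SECURITY_RANK[profile["min_security"]]:
            reasons.append(f"security {sec} below {profile['min_security']}")
        # If the known router is not heard at all, any look-alike counts as stronger.
        if unknown and dbm > known_best.get(ssid, -999):
            reasons.append("stronger than known router")
        if reasons:
            findings.append((bssid, reasons))
    return findings


if __name__ == "__main__":
    for bssid, reasons in find_rogue_candidates(SCAN, TRUSTED):
        print(bssid, "->", "; ".join(reasons))
```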

Filter MAC addresses “ON”
Another option you have is to set up your wireless router to only allow known computers to connect to the network. It is still possible to “spoof” a MAC address, but filtering makes it that much harder for someone to hack into your wireless network. You get enough of these annoyances, and you are just too much trouble for the average hacker. That’s a good “problem” to have.

IPSec VPN as remote connection to the office
Why are hackers interested in your home wireless network? It depends. A few cyber crooks specialize in identity and consumer theft. Others are after bigger fish—namely, your employer. More and more employees are working from virtual or remote home offices and it is perceived that the remote network connection has more lax defenses than other network interfaces. Criminals see this as an opportunity to penetrate the corporate network perimeter in order to reach a bigger payoff.

Did you know that entire botnet armies are set up to recruit until they find the right path into a target company? For this reason, your home network wireless security and your VPN connection to the network resources both contribute to a safe computing environment.

While there is no guarantee for 100 percent hacker-free security, the “SAFE WIFI” practices package some of the best security that is commonly available with today’s commercial products, to make your home wireless network a less attractive target for criminals. However, this is a rapidly changing environment, and you will want to keep the lines of communication open with reputable resources and your corporate IT manager so that you can enjoy the convenience of wireless communication in the home now and in the future.

Cyber Bad Guys vs. You
So, what steps are you taking to protect your home and office network from cyber bad guys? Have you been a target of hackers? If so, how did you resolve your issues? Do you have any questions for our cyber experts?

How Risky is Spring?

Wednesday, April 7th, 2010

Commonalities between IT Security Training and a Gardener’s Risk Assessment

By Rick Randall, e-Management

Spring is in the air! Garden enthusiasts in the Washington, D.C., area (like me) have been waiting all winter to begin the tasks of preparing our soil and planting cold-hardy vegetables and flowers. My young children have helped me plant radish and carrot seeds, chrysanthemum (mum) seedlings, and iris bulbs over the past few weekends. Gardeners, like artists, enjoy taking plain raw materials and converting them into something beautiful. But there is a risk that our efforts could fall flat. How do we take control of the risks? I’ll come back to this shortly.

It’s true that I am a gardener. But I am also an information technologist. In my profession, we apply many concepts in our daily work, which have similarities to the physical world. For instance, good software engineers have seen the parallels between designs in the physical world and the design of software (using a collection of concepts called design patterns) for years. Likewise, IT security trainers observe and apply learning patterns for explaining complex topics to students through stories, metaphors, and exercises.

What’s the point to all of this?
No matter how supposedly “non technical” an executive or staffer may be, there are techniques which can be used to convey technical subject matter to anyone in a comprehensible manner. For example, e-Management uses the following graphic to explain risk management concepts to federal executives having Designated Approving Authority (DAA) responsibilities for IT systems. I have a friend who recently commented on the analogies between software vulnerabilities in web applications and weeds in a garden. Both phenomena are ubiquitous.

So, does your organization have a green thumb when it comes to managing your IT or agency risks?
Back in December, e-Management presented a webinar on exploiting web applications. I would be interested in hearing your opinions as to whether you feel vulnerable software is like a “weed,” or a more menacing threat like a ravenously hungry deer, which reduces your gardening investment to ruins. Even more, what threats do you see in your IT environment, which have analogies to gardening? What is your approach to eliminating the “weeds,” or threats that put your mission at risk? Have you ever seen a successful plan to control the IT “weeds” that always seem to pop up every season?