Statistics, made up by me, say that you are never more than 10 feet away from a device that has been locked with the ultra-secure password ‘Password’. If this is you then I recommend changing that password right now. Go ahead, I’ll wait.
Back? OK, now pay attention to these tips on network security, then go and change it again because ‘Password1’ still won’t do.
1. Change your passwords regularly. It’s number one on the list. In a movie, hackers sit in front of several monitors rapidly tapping out code onto a screen before the inevitable ‘I’m in’, and suddenly the world is at their command. In real life a hacker is often more likely to find a staff member’s name, check their Facebook for a child’s or pet’s name and try those, because people tend to be unoriginal. Set a date, every month, where everyone has to change their password. A good I.T. team can set this up by group policy so no one can avoid it.
2. Don’t use the same password for everything. There are probably at least a dozen sites from my misspent youth that I registered for using the same password and if someone was desperate to see my forum posts from 1998 then it wouldn’t take long to guess it. I’m not worried about someone guessing that password though, and if your business doesn’t have any sensitive information stored anywhere electronically then neither should you.
3. Check your firewall doesn’t have open ports. Open ports aren’t just an unlocked window for the probing opportunist. Open ports are an open door to a room full of your cash with a big sign saying ‘Our guard dogs are deaf’. Treat any opening into your network like you would into your premises and keep it locked down tight.
4. Use long passwords. Brute force, a computer repeatedly trying combinations of common words and numbers to guess your password, is still a common practice, especially as people still make it so easy to do. Sticking to the six or eight character minimum just means a computer guessing it will try words with that number of characters first. The more characters you add, the more possible variations you add and the longer a hack will take.
5. Use passwords with special characters. If you stick to the standard alphabet (including capitals), an 8-letter password will have 53,459,728,531,456 different combinations. If you press shift plus a number key you get special characters, which increase the number of combinations to 722,204,136,308,736 (that’s 722 trillion vs 53 trillion). Anything you can do to increase the complexity of a password is worth doing.
6. Use strong encryption on your wireless network. Did you know there are ways to make a mobile phone replicate an access point on a network and copy all the data travelling through it to an off-site location? Even in general terms a wireless network is never very secure so encrypting your data is a must. It makes it virtually impossible for data to be used anywhere but where it’s meant to be.
7. Don’t use your business name for your wireless network. When you try to connect to a wireless network, various names appear on a list; each of these is an SSID or ‘Service Set Identifier’. Using your business name as your SSID only serves to make you a target for people trying to break into it, and no one outside of your organisation really needs to know which network is yours. If you happen to have regular visitors needing access then a separate ‘Guest’ connection can easily be set up by a good I.T. team.
8. Never use default passwords on your devices. There’s a sticker under most routers with a string of letters, usually next to a listing of ‘WAN-PSK’ or something similar. This is the factory default password for the wireless network; some manufacturers randomly generate a different one each time and some use the same one for all of their devices. Changing this password takes a minute, but it once again closes an open door for intruders. Like your other passwords, it should also be changed regularly.
9. Have good quality, regularly updated antivirus. With your network castle under siege from invaders, changing your passwords and closing ports are pushing the ladders off the walls and blocking the tunnels underneath. If you want to drop the portcullis and pull up the drawbridge then make sure your antivirus is up to date and, for a business network, paid for. Each point of access, be it computer, phone or tablet, is a potential doorway for malicious software to take over your network and hold you to ransom. Free antivirus works fine for a home network, but the severity of attacks that a business network can suffer means you need fully paid-for and supported software protecting your business from harm.
10. Make regular off-site, encrypted backups. Some of the biggest companies in the world have been successfully hit by hackers. Sony’s PlayStation network had thousands of customers’ personal information stolen from it. Apple’s iCloud, a supposedly safe place to store private and intimate photographs, was notoriously hit and those pictures shared with the world. These companies are not just changing passwords once a year and using free antivirus; they have some of the most sophisticated protection available and still they were hit. If the worst happens to you, which it might, having secure backups stored outside of your network means you can recover from it within a day rather than weeks. All of this can be automated so you never even need to know it’s happening.
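
The figures in tips 4 and 5, worked through as an added example (not part of the original post): 52 letters give the first number, and 72 symbols (letters, digits and the ten shift-plus-number characters) give the second. The guessing rate, the sample passwords and the short common-password list are assumptions made up for illustration.

```python
import string

# The ten symbols typed with Shift + a number key (US layout assumed).
SHIFT_NUMBER = "!@#$%^&*()"
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, SHIFT_NUMBER)

# Constructed sample of passwords a guesser tries first; real lists are far longer.
COMMON = {"password", "password1", "123456", "qwerty", "letmein"}


def keyspace(alphabet_size: int, length: int) -> int:
    """Number of distinct passwords of exactly `length` characters."""
    return alphabet_size ** length


def alphabet_size(password: str) -> int:
    """Total size of every character class the password draws from.

    Characters outside the four classes above are not counted.
    """
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))


def guesses_needed(password: str) -> int:
    """Worst-case guesses: the common list first, then the full keyspace."""
    if password.lower() in COMMON:
        return len(COMMON)
    return keyspace(alphabet_size(password), len(password))


def years_to_exhaust(guesses: int, guesses_per_second: float) -> float:
    """Time to try every guess at an assumed, constant guessing rate."""
    return guesses / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    RATE = 1e9  # assumed guesses per second, for illustration only
    for label, size, length in [("letters only, 8", 52, 8),
                                ("letters+digits+symbols, 8", 72, 8),
                                ("letters only, 12", 52, 12)]:
        n = keyspace(size, length)
        print(f"{label:28} {n:>26,}  {years_to_exhaust(n, RATE):12.4f} years")
    for pw in ("Password1", "Tr33house!"):
        print(f"{pw:12} worst-case guesses: {guesses_needed(pw):,}")
```

Four extra letters enlarge the search space far more than the extra symbols do at eight characters, and neither helps a password that is already on a guess-first list.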