Back to Top

Setting up a secure network

Prevention is always better than cure, they always say. And this saying is also valid when it comes to network security. Once that a hacker has managed to connect to your company network, he will be able to do all sorts of nasty things.

He can use freely available software to get a list with all the devices which are connected to the same network, for example. Then, he can search the web, looking for various device vulnerabilities. Some applications can even determine the names of the previously accessed Wi-Fi networks, and hackers will use this information to set up their own hotspots that use identical SSIDs. Due to this, some of your wireless devices will connect to the new networks, giving the cyber villains full access to their data.

It goes without saying that all the shared network resources will be accessible to them as well. Those confidential documents which have been stored on your file server won't be private anymore. The guy would even be able to print 1,000 "you've been hacked" copies using a shared printer if he wanted to!

However, most cyber criminals prefer to keep a low profile. They will install a clever piece of malware which will quietly infect all the computers on the network. Or they will enroll your devices into a huge army of botnets, which will then be used to launch devastating DDoS attacks.

secure network

So, how can you secure your network? Begin by using a secure router. It's best to invest your money into a device that includes advanced security features out of the box. Look for a model that has got a built-in hardware-based firewall, for example. Router manufacturers will soon release the first wave of WPA3-compatible products, so be sure to pick a device which supports this new wireless encryption standard.

Disable your router's Universal Plug and Play (UPNP) feature, which allows the existing network clients to discover newly connected clients. And don't forget to update the router firmware as soon as its manufacturer releases a new patch. You may need to subscribe to the company's newsletter to get these notifications, but it's something that you must do if you want to protect your business' data.

Invest into a network firewall. Yes, your router may include a firewall as well, but a dedicated device will offer better protection, while giving you access to a set of advanced network traffic filtering rules.

Modern routers incorporate two sets of transmitters and receivers, so they can operate on the 2.4 GHz and 5 GHz bands at the same time. Resist the temptation to use the old 2.4 GHz band; it's got a better range indeed, but it will also make it easier for hackers to connect to your network wirelessly. The 5 GHz band isn't perfect for long-range Wi-Fi data exchange, but it offers better data transfer speeds.

Install software-based firewalls on all the devices. Most security solutions incorporate firewalls these days, so pick a product that's got great ratings and install it on your computers, laptops, tablets and phones. It is surprising that many business owners utilize decent antiviruses for their PCs, and yet they don't use virus detection solutions for their tablets and/or phones. Don't make the same mistake; ensure that all the company devices are protected by an antivirus.

Use a Virtual Private Network (VPN) service. This way, your public I.P. address will be hidden, and the company data that travels across the web will be encrypted. Not all VPNs are created equal, though. Some providers will even offer free VPNs, because they collect, and then sell their users' data to advertising companies. So, make sure that you are using a service that's offered by a reputable company.

Apply these tips and I guarantee that you will be able to set up a secure network. Then, train your employees, helping them understand the dangers that arise from opening unsolicited email attachments, clicking strange links, and so on.