October is National CyberSecurity Awareness Month
Each week a different area of cybersecurity will be highlighted and different tips
will be given to keep you, your computer, your data, and your identity safer.
Short Quiz - How Safe Are You?
Join us on the Haley Center concourse on Wed. Oct. 24 anytime between 8:30 am - 1:00 pm for
FREE CyberSecurity month t-shirts, FREE soft drinks, FREE handouts and checklists on how to keep a laptop and/or home computer safe and secure, and FREE consultation with campus IT experts on CyberSecurity.
How do I keep safe on a Wireless Network?
The number of wireless users on campus and in Auburn has grown exponentially in the last few years. Staying safe on a wireless network is extremely important as seen in the video below. Wireless security can be broken down into three main areas:
Using public Wi-Fi hotspots
People in Auburn have embraced the use of wireless networks. Unfortunately, online predators know this too. Using unsecured wireless networks can leave you computer vulnerable to attack. Here are some tips when using a wireless network:
- Only use legitimate hotspots (wireless access points) - make sure you know who owns the connection you are trying to access.
- Use a VPN client - Download a free VPN client at AU Install. When you connect to a wireless zone log in to the VPN to make your connection secure. For instructions see, How to use the VPN Client at AU.
- Enable your Personal Firewall - Microsoft Windows XP/Vista users have a personal firewall installed. Click your Operating System for instructions on how to enable it: Windows XP | Windows Vista. Other operating system users can download third party software, such as ZoneAlarm.
My home wireless network
Since your neighbors, or anyone else within range, can potentially connect to your wireless access points, you should take extra security precautions when setting up your home wireless network.
The methods listed below vary in their overall effectiveness, but remember that a hacker will probably try to find the path of least resistance with regard to breaking in to your network. The more of these measures that you take, the greater the chance that someone will simply move on and attempt to locate a less secure network.
- Choose a strong administrator password
Most routers require an administrator password to access the setup and configuration settings. However, the default passwords for these routers are generally weak, and some have none at all.
You should change the default password to something strong; for ideas on creating a good password, see Selecting a Strong Password. Once you have set up your wireless network, you will probably not need to use this password frequently, so you can use a very strong password without worrying about ease of typing it in. If you do lose the password, you will have to reset the router to factory settings and set up your network again.
Some routers will also let you change the administrator name; if you have the option, this is another good way to protect the security of your WLAN.
- Disable remote administration
Many wireless networking routers offer the ability to allow administration of the router remotely, from anywhere on the Internet. Unless you require remote administration and are very familiar with WLAN administration and security, it's a good idea to disable this feature. Otherwise, anyone connected to the Internet could conceivably gain administrative access to your router and your network.
- Encryption
For best security, you should enable or set an encryption password. All Wi-Fi equipment will support a form of encryption; you should choose the most secure type that will work across all the devices that you need to connect.
If possible, use WPA2/WPA (Wi-Fi Protection Access) rather than WEP (Wired Equivalency Privacy). In addition to the known weaknesses of WEP, WPA provides better protection and easier to remember passwords.
However, sometimes WPA2/WPA encryption is not feasible: Some devices, including PDAs and MP3 players, will only support WEP. In these cases, you should use WEP encryption, as it still provides some protection. If you do need to use WEP encryption, be sure to choose a robust, secure password, and change it relatively frequently.
- Change your default SSID
Your SSID (Service Set Identifier) is the name of your network. Most commercial products have a default name (e.g., Linksys routers are usually set to "linksys"). You should change this default name, and choose a unique, robust name, preferably a longer one with letters and numbers. Your new SSID should not contain personal or sensitive information such as your name or address.
Also don't broadcast your SSID. This requires that you manually add a wireless network on your computer, but it prevents people from finding your network easily.
- MAC address filtering
MAC addresses are unique to each network adapter, whether wired or wireless. Most wireless routers offer some sort of MAC address filtering, which will limit access to your wireless network to specifically allowed devices.
Specifying permitted MAC addresses can be time-consuming, especially if you have many wireless devices or change them frequently. Additionally, a knowledgeable hacker can easily spoof or fake a MAC address, so you should not rely on filtering alone to protect your WLAN. Despite these potential drawbacks, however, you should use MAC address filtering if possible; it can add a valuable layer of protection against unauthorized access to your network.
Using handheld devices
If you sync your e-mail on your phone or other wireless device this information could be read if your device was lost or stolen.
- Password protect your device
Check the documentation that came with your device for instructions on doing so.
- Employees using the Blackberry Enterprise Server or the GroupWise Mobile Server
You may request a remote device wipe if necessary. You would use this if your device is lost or stolen. The device can be remotely wiped out as long as it still can communicate with the wireless network. If you are able to locate the device later you may re-activate it with AU's wireless e-mail servers with no issue. Contact the OIT HelpDesk for help with these actions.
Check back next week for tips on Spyware and Safe Browsing Tips!
|