Chances are you have a wireless network at your business, WiFi everywhere. It’s in your home, it’s in the coffee shop, it’s in the mall, and it’s in your car. It’s getting to be ubiquitous. But is it in your office? The wireless networking we all take for granted today connects us to the world and enables all kinds of cool technologies, from the most basic form of internet access for the everyday user, to enabling smart homes with Wi-Fi accessible lights, locks, and HVAC.
Providing your guests with WiFi access has come to be expected, but are you also giving them access to your server and sensitive information?
When we visit clients, quite often we take a tablet, laptop or phone, and if it’s available, connect to the Wi-Fi so that we can access the most current information about their account. It is incredibly useful and it gives the appearance of information being always available. But what do you do when it’s an auditor, or a client, or a guest that needs access, and not your employee or IT guy? While you certainly can give them access to your Wi-Fi, might you also be giving them access to your server and sensitive information? That doesn’t seem like such a good idea, does it?
So what do you do to implement guest access in your network? You need a few things. First, it requires the right firewall for what you want to accomplish. The average small business firewall from six or seven years ago did not include the capabilities needed to create a Virtual Local Access Network (called VLAN) which is the fancy term for creating a segment of your network that can only do a specific thing. In this instance, for guest wireless access, you need to create a “Guest VLAN” that only allows internet traffic and does not touch your network. Today’s firewalls often include the technology for creating multiple VLANs. Also, some of the new enterprise access points we carry can provide these capabilities without changing your firewall. The second thing you need is a Wireless Access Point that can handle more than one SSID, or wireless network name. This allows you to create a network ID for the “inside” and one for the “guests”. Most of today’s access points can handle this. Finally, you need an Acceptable Use Policy (AUP) that defines who gets access to what, and when it’s appropriate to grant that access. This is the part many people overlook.
Do you want your guests to go anywhere on the internet? Do you want them going to the more nefarious parts of the ‘net? If not, an Acceptable Use Policy helps protect you and your network by explaining what the ground rules are for using your internet.If you want to find out if you have these capabilities, or if you need to implement part of all of this for your business network, contact us today.