blue free wifi sign

Wireless - Are Your Guests Welcome?

Network Security
August 9, 2016
John Sinderman

You may even offer free WiFi to your clients and guests - but it is setup to ensure your network is safe?

Chances are you have a wireless network at your business, WiFi everywhere. It’s in your home, it’s in the coffee shop, it’s in the mall, and it’s in your car. It’s getting to be ubiquitous. But is it in your office? The wireless networking we all take for granted today connects us to the world and enables all kinds of cool technologies, from the most basic form of internet access for the everyday user, to enabling smart homes with Wi-Fi accessible lights, locks, and HVAC.

Providing your guests with WiFi access has come to be expected, but are you also giving them access to your server and sensitive information?

When we visit clients, quite often we take a tablet, laptop or phone, and if it’s available, connect to the Wi-Fi so that we can access the most current information about their account. It is incredibly useful and it gives the appearance of information being always available. But what do you do when it’s an auditor, or a client, or a guest that needs access, and not your employee or IT guy? While you certainly can give them access to your Wi-Fi, might you also be giving them access to your server and sensitive information? That doesn’t seem like such a good idea, does it?

So what do you do to implement guest access in your network? You need a few things. First, it requires the right firewall for what you want to accomplish. The average small business firewall from six or seven years ago did not include the capabilities needed to create a Virtual Local Access Network (called VLAN) which is the fancy term for creating a segment of your network that can only do a specific thing. In this instance, for guest wireless access, you need to create a “Guest VLAN” that only allows internet traffic and does not touch your network. Today’s firewalls often include the technology for creating multiple VLANs. Also, some of the new enterprise access points we carry can provide these capabilities without changing your firewall.  The second thing you need is a Wireless Access Point that can handle more than one SSID, or wireless network name. This allows you to create a network ID for the “inside” and one for the “guests”. Most of today’s access points can handle this. Finally, you need an Acceptable Use Policy (AUP) that defines who gets access to what, and when it’s appropriate to grant that access.  This is the part many people overlook.

Do you want your guests to go anywhere on the internet? Do you want them going to the more nefarious parts of the ‘net? If not, an Acceptable Use Policy helps protect you and your network by explaining what the ground rules are for using your internet.If you want to find out if you have these capabilities, or if you need to implement part of all of this for your business network, contact us today.

Unauthorized use and/or duplication of this material without express and written permission from Pivotal IT is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Pivotal IT with appropriate and specific direction to the original content

more articles
Fileless Malware: How It Works and How To Avoid It
Occasionally know as non-malware, fileless malware lives in your computer’s RAM, doesn’t use software, and attacks vulnerabilities within the computer’s operating system and software programs.
Network Security
7/20/2018
9 Attack Patterns of a Data Breach
Since 2014, the majority of Data Breaches have used the same nine attack patterns - understanding them is key to developing an effective Cybersecurity Strategy.
Network Security
3/12/2018
The Risks and Benefits of Shadow IT
Like it or not, it is a part of your small business network. Discover how to strike a balance between the needs of your end-users and keeping your sensitive data is secure.
Network Security
1/31/2018