So, you’ve set up a guest WiFi network at your business. You’re going to keep your business WiFi safe and keep the bad guys out of your network. You’re all set, right? Unfortunately, simply setting up a guest WiFi network is not enough to ensure you’ll keep guests from doing suspicious things on the network and from seeing your company data. In order to achieve maximum security and safety you need to properly set up the guest WiFi. It’s a necessity to protect your users and sensitive data. In this article, we will go over some ways to do just that.
- Secure all network peripherals: It’s important to remember that optimal security starts with safeguarding your physical network including routers, switches and wireless access points. Any device with an Ethernet port is vulnerable to trespassers who can easily plug in one of their devices and modify your configurations. This is something you want to prevent at all costs. To do so, make sure your network peripherals are in a secure location. For example, a locked closet or office would guard against visitors or rogue “vendors”. If you don’t have extra space for that at your business, you can also conceal the wireless access points inside your ceiling. You won’t see the health lights but neither will any malicious visitors.
- Separate the networks: You need to make sure that your guest network is divided from your business’ internal network. This will prevent trespassers from browsing and accessing your network and your confidential data and resources. This can be done with business grade network firewalls and switches. By using device isolation (I can’t see you!) and separate VLAN networks for your guests using the guest wireless SSID. This will ensure the guest network cannot see the main business network. You can also use a software firewall on computers to stop traffic coming from any devices and networks that aren’t the main company one.
- Bandwidth controls: Use bandwidth controls to restrict how much data guests can use as well as what they are able to access online via the guest WiFi network. These bandwidth controls will enhance your business’ overall network performance and improve security. Guests should only be allowed a fraction of the total bandwidth coming in from your Internet provider. They also shouldn’t be allowed to do or visit illegal things (hacking forums, drugs, etc.) using your Internet connection.
- Time based restriction: Make sure your guest network is only accessible during designated hours, preferably business hours so that someone can monitor the network if anything suspicious arises. Restrict how long guests can use the network for to discourage anyone from using it for their main Internet connection. Ever notice people camping at the library or Starbucks? That may be great for their operation, but not yours.
- Portal requirement: Consider requiring all guests to login via a portal. This will require them to provide some personal information before they are granted internet access which can be used for not only tracking who is using the connection, but your marketing efforts as well. It also holds them accountable for the activity they’re about to carryout. It’s a good idea to set up a secure password for the guest WiFi portal as well and be sure to update the password periodically.
If you have any questions about securing your guest WiFi network, please contact us at Blue Collar Computing. We’re a Managed IT Services Provider in the Chicago suburbs. At BCC, we can work with you to ensure property guest and WiFi security are in place. Please contact us for a free consultation to discuss security options and a free security audit for your company.