Wireless security - don't get caught out
According to security firm Elcomsoft a new way to speed up brute force attacks on WPA/WPA2 wireless keys using the NVidia graphics chips found in many newer computers has been discovered.
It is worth stating from the outset that this is still only a brute force attack. Nonetheless anyone running a wireless network should use this as an opportunity to review their network security. Small businesses face enough challenges as it is, and therefore all too often security issues tend to get put aside to be dealt with once there is more time/money/resource in the company.
However, if you leave things for too long you could be in for a nasty suprise. Here in the UK the Information Commissioner is starting to take much more of an interest in computer security issues, especially in the SME sector. If you do have a breach then unfortunately the excuse of "I didn't have the time to sort it" won't cut the mustard.
So what can you do? Well, it's the simple things that matter. So, here's our top tips for keeping in shape security-wise:
- Use passwords and don't make them obvious - and by obvious we don't just mean 'password' - avoid family names, phone numbers, names of pets, etc.
- Encrypt laptops and removable devices. With the advent of full disk encryption in products like TrueCrypt there really is no excuse not to encrypt portable media nowadays.
- If you must use wireless use WPA2 and make sure you have a complex wireless key. An eight digit letter only wireless key just isn't good enough. Try something more complex like !t'sG00dTo$eParanoid
- Use a decent hardware firewall - don't rely on software firewalls or your NAT router to protect you.
- Consider hiring professionals to conduct a full security review and audit for you.
We hope these top tips help, and don't forget - just because you're not paranoid it doesn't mean they aren't out to get you!