Wireless security - don't get caught out

Posted by Andrew, 20th October 2008. Share this:

According to security firm Elcomsoft a new way to speed up brute force attacks on WPA/WPA2 wireless keys using the NVidia graphics chips found in many newer computers has been discovered.

It is worth stating from the outset that this is still only a brute force attack. Nonetheless anyone running a wireless network should use this as an opportunity to review their network security. Small businesses face enough challenges as it is, and therefore all too often security issues tend to get put aside to be dealt with once there is more time/money/resource in the company.

However, if you leave things for too long you could be in for a nasty suprise. Here in the UK the Information Commissioner is starting to take much more of an interest in computer security issues, especially in the SME sector. If you do have a breach then unfortunately the excuse of "I didn't have the time to sort it" won't cut the mustard.

So what can you do? Well, it's the simple things that matter. So, here's our top tips for keeping in shape security-wise:

  1. Use passwords and don't make them obvious - and by obvious we don't just mean 'password' - avoid family names, phone numbers, names of pets, etc.
  2. Encrypt laptops and removable devices. With the advent of full disk encryption in products like TrueCrypt there really is no excuse not to encrypt portable media nowadays.
  3. If you must use wireless use WPA2 and make sure you have a complex wireless key. An eight digit letter only wireless key just isn't good enough. Try something more complex like !t'sG00dTo$eParanoid
  4. Use a decent hardware firewall - don't rely on software firewalls or your NAT router to protect you.
  5. Consider hiring professionals to conduct a full security review and audit for you.

We hope these top tips help, and don't forget - just because you're not paranoid it doesn't mean they aren't out to get you!

Post a comment…

(optional: will not be shown on site or used for marketing)

captcha

We write about…

.net angel apache audit backup backup extraction bbc bcm.pabx best practice bootlaw bug business business angels business continuity c# call detail recording cdr chief technical officer chief technology officer christmas chrome cio code review colo consulting cto contract cto creative agencies credit card credit crunch crunchies 2008 cto cto for hire data storage data-centre development disaster disaster recovery django domain modelling drinktank due diligence encryption entrepreneurs equity funding events fail firewall focus forcedeth fowa fraud freelance cto fundraising git google google apps google developer day hackintosh hiring hosting ideneb incubator interim cto internet world investment investment. investor investor ios4 ipad iphone iphone 3g iphone backup extractor iphone restore iplayer jason calacanis java job description jobs labs language launch48 law layoffs legal advice logs london lpc mac mashups meetups mentor capital microsoft mobile mod_wsgi molo mvc nda ned networking nortel norway online security os x outsourcing php plan planning protectedcc ps3 raising money realplayer recruiting recruitment reincubate saas scaling security seedcamp seo software staffing start-up start-ups starting a business startup startup cto stealth start-up techcrunch telephone temporary cto testing the start-up depression titanic turnaround ubuntu vc vct virtual cto virtual technology incubation web cto web optimisation web shops weekend wireless wpa xbox360

FeedSubscribe to our feed

Archive

June 2010