5 min read

Outsmart Smart Technology by Avoiding Wi-Fi Spies in the Workplace

Featured Image

In today’s digitally-driven world, technology and internet connections are everywhere you turn. When you step out of your home in the morning and make your way to work, you encounter hundreds, if not thousands of Wi-Fi networks. Any device that has access to the internet or a Wi-Fi connection can be vulnerable to threats, hacks and security breaches.

Identities-1.pngTake a minute to think about all of the devices you have connected to the internet at home. Computers, laptops, tablets, webcams, cell phones, lighting systems, security alarms, televisions, set top boxes and even kitchen appliances can be controlled by Wi-fi signals as a way to make our lives easier. Now think of how this relates to business. In an effort to work smarter and faster, there are just as many, if not more devices for business. If your network is compromised, hackers can pick up on your Wi-fi signals as a way to monitor your every move and steal private information. With the Internet of Things (IoT) evolving, it is only becoming easier for digital thieves to spy on you if your electronics aren’t connected to a secure network.

Businesses are becoming more familiar targets of cyberattacks and data breaches, which can allow hackers to steal sensitive information for financial gain. Symantec’s 2017 Internet Security Threat Report shows that more than one billion identities were stolen after data breaches in 2016. Businesses typically have more to lose since they store confidential records on employees, clients, payroll, contracts, products and services.  Digital thieves are always on the lookout for data to steal, and small businesses can be easy targets since they may not have the means to invest as much money in IT security. More than $81 billion was spent worldwide on information security in 2016 and spending is expected to reach $1 trillion by 2021, according to Gartner.

First National Technology Solutions (FNTS), a highly secure, nationally recognized leader in managed IT services, works with clients to manage their IT, saving companies millions of dollars. FNTS offers these security measures that organizations of all sizes can implement to minimize threats:

Encrypt Your Data: Most operating systems come with encryption tools such as Microsoft’s Bitlocker, which is available on most Windows operating systems. These tools encrypt files and programs on a computer’s hard drive, which means the data is being converted to code to prevent unauthorized access. Requiring users to input a password when accessing encrypted data offers another layer of protection.

Disable the SSID: Disabling the Service Set Identifier (SSID) broadcasting setting on a wireless router can make your network hidden, which means that a hacker would need to know the exact network name to attempt to connect to your network. Companies can change their network’s information periodically to help keep it secure.

Use Wi-fi Protected Access: The Wi-Fi Protected Access (WPA2) security setting is the current standard and most secure method to provide stronger data protection and network access control. WPA2+AES has a longer encryption key that is difficult to crack, and it only allows authorized users to gain access to a network. Wireless devices also have a MAC address setting that you can change to prevent unauthorized users from connecting to your network.

Install a Firewall: A firewall acts as a gateway between a web server and data connection to detect data that is passing through. Firewalls can prevent hacking attempts and filter spam and other unwanted content. Traditional, Next-Gen & Web-Application firewalls are available in the cloud, usually on a subscription basis. Ensuring only authorized connections are allowed inbound and outbound—based on application, user/identity, and IP information— helps minimize the chances of improper connections occurring.

Keep Software Updated: Running the most current software or patches can minimize threats. You should routinely update software and use an auto updates if possible. This is incredibly important on mobile, IoT, or sensor devices which can enlarge the Wi-Fi spies problem.

The best protection from Wi-fi spies is to eliminate Wi-fi in the workplace altogether. Wired internet connections are less accessible to hackers, but also less convenient for companies that have employees that are always on the go.

The ultimate goals of Wi-fi spies are obtaining a company’s confidential information and following employees when they exit the workplace. Employees, now more than ever, work away from their office thanks to the availability of mobile applications and public Wi-Fi networks. Wi-Fi users should always be aware of what networks they’re accessing and make sure the network is up to company security standards when working with sensitive information. To avoid free Wi-Fi options that may be risky, private hot spots can be created through a phone using a virtual private network which adds a layer of protection before accessing an open wireless network. It’s imperative that users utilize a secure VPN when accessing content they wish to keep private, including personal and business.
Outage Cost-1.png
According to a 2016 study done by Emerson and the Ponemon Institute, an unplanned outage can cost a company an average of $8,815 per minute. A company can further prevent threats by educating its employees on cyber security and having an internet policy in place that outlines what employees are prohibited from doing online. There are some easy ideas that you can implement in the workplace:

Strengthen Passwords: Require employee passwords to include a mix of numbers, special characters and capital letters. It is beneficial to have employees change their passwords frequently. Never use the same password in more than one place.

Protect Mobile Devices: If employees use a phone for work purposes, keep it secure by using a pin code or fingerprint recognition. Also, ensure all mobile devices have up-to-date software and some type of firewall installed. Mobile device management (MDM) software can be used to enforce policies, prevent jailbreaking and help inspect unknown applications.

Limit Personal Email Access: If an employee is connected to the company’s Wi-Fi network, advise them to limit their access to personal email. Spam and other emails could contain malicious content like malware, ransomware and viruses. Scammers may have personal information about your employees, and they use it to form calculated messages to get them to click on malicious links and other embedded material. Scammers can even spoof email address to make them look legitimate. Harmful websites and links can install code on an employee’s computer which can then spy on their keystrokes as a way steal their login information.

Be Mindful of What You Post on Social Media: Minimize the amount of personal information that you make available on social media. Be vigilant about how much information you post on social media and who you share it with. Hackers can use your personal information to craft spear-phishing e-mails and then pose as a legitimate contact to gain additional information about an organization.

Visit Encrypted Websites: When visiting websites, make sure they’re encrypted. Websites that start with Hyper Text Transfer Protocol Secure (HTTPS) are the secure version of HTTP. This secures communications between your browser and the website.

Stay Aware of Cyber Threats: Keep up-to-date on current cyberattacks by monitoring the news and inform employees about potential threats. 

We recommend companies back up their files frequently and store them on an offline device to prevent the loss of data if a cyberattack occurs. According to Symantec, 43 percent of cyberattacks target small businesses, and there has been a dramatic increase in attacks since 2011. The U.S. National Cyber Security Alliance says 60 percent of small businesses are unable to stay in business after being the victim of a cyberattack. If you haven’t already, consult with your IT team to take proactive security measures and then educate employees on how to avoid and mitigate threats. It’s no longer a question of if a cyberattack will happen, but when, and will your business be prepared?
Small Biz-1.png