I’m a little embarrassed to admit this, but I think about Wi-Fi ALL THE TIME. Not just because Wi-Fi has become a necessity that I can’t live without, but also because I work for a company whose mission is to not only offer Wi-Fi to our partners and customers, but offer them secure Wi-Fi, so that they don’t ever have to worry about their data being compromised by hackers.
When I think about the Wi-Fi market today, it consists of Wi-Fi offerings that are all relatively the same, making it extremely difficult for MSPs to differentiate themselves. When choosing a Wi-Fi solution, simply offering consumer-grade Wi-Fi fails to provide the performance, security, or even scalability that today’s organizations require, while traditional enterprise-grade Wi-Fi comes at high costs with added overhead. This leaves SMBs in search of a middle ground.
So what is an MSP like yourself left to do? Offering a Trusted Wireless Environment that is fast, easy to manage, and most importantly, secure is the way to go. When MSPs offer a Trusted Wireless Environment, they deliver on the three core pillars of market-leading performance, scalable management, and verified comprehensive security, defending their customers against the six known Wi-Fi threat categories:
1. Rogue Access Point
You own a retail store that has customers coming in and out all day. When it’s busy, it’s impossible to keep an eye on everyone there every second of the day. It’s easy for someone to jump into the wire closet and plug in the cheapest access point they could get and they’re now able to gain access to the company’s private secure network and can hijack POS systems to reveal credit card numbers and more.
2. “Evil Twin” Access Point
On your lunch break you decide its finally time to update your wardrobe – nothing wrong with that! But a hacker is using an evil twin access point and you’ve now unsuspectedly connected to their copy of your Wi-Fi SSID. Once you go to check out and enter in your credit card information to order that new dress, the hacker has your information and is ready to go sell it on the dark web.
3. Rogue Client
You stop by the same café on the way to work every day. Since you’ve connected to their Wi-Fi network before, your phone automatically connects as soon as you set foot in the door. Unfortunately, that day, someone had set up an evil twin access point, tricked your phone, and infected your phone while you’re in range of your private WLAN with ransomware for you to take back to the office. As soon as you’re back at your desk, your phone connects to your corporate Wi-Fi and the ransomware is off and running!
4. Neighbor Access Point
Susan in marketing cannot get through the morning without listening to her favorite new soundtrack. Her phone is almost dead, so she wants to use her company-issued computer to connect to a streaming site. Her company’s firewall restricts access to streaming music, but that’s no worry for Susan – she’ll just connect to the downstairs coffee shop’s unsecure Wi-Fi and start listening away. Unfortunately for you, a hacker is sipping his first cup of coffee, just waiting for her to connect and get to work on accessing your network.
5. Ad-hoc Network
As a meeting is getting ready to start, Carl’s boss is STILL waiting for that file he promised would be there this morning. It would take him too long to use the corporate-approved secure network file sharing, so he decides to set up an ad-hoc network to send it directly from laptop to laptop. Sending files via AirDrop or AirDroid creates security and legal implications that could affect your organization.
6. Misconfigured Access Point
An access point gets shipped from corporate to your new office and Charlie, the receptionist, volunteers to set it up! He follows the instructions and installs the access point that’s now broadcasting an open SSID, which is leaking private data like a sieve. You can’t blame him, because he’s not an IT pro, but you’re still left with a misconfigured AP that could be a serious risk to your organization.
All these threats are not new and have been around since Wi-Fi went mainstream 20 years ago. But one thing that has remained the same and is so shocking to me, there are no security standards around Layer 2 Wi-Fi to keep Wi-Fi users like you and me safe. This is why I’m advocating for change. We all deserve to connect to Wi-Fi we can trust. I want to be able to connect to Wi-Fi at my favorite coffee shop and not have to look around wondering if the person sitting next to me on their laptop is a hacker. Hackers prefer to go after Wi-Fi because it’s the weak link in the security chain and it doesn’t take much to hack into a Wi-Fi network. There are thousands of how-to videos on YouTube and a $99 pen testing tool like the WiFi Pineapple to make any Wi-Fi hack seamless.
We must put a stop to this! Join me and let’s end Wi-Fi hacks together by signing this petition: www.TrustedWirelessEnvironment.com. Every signature we collect will help us partner with organizations such as Congressional Wi-Fi Caucus, WiFiForward, PCI Security Standards Council, Wi-FiNOW, IEEE, and Wi-Fi Alliance to name a few. These organizations help build security standards for businesses around the world and we want to join forces by collaborating with them to make this world a safer place.
Leave a Reply