Uninvited guests on your Wi-Fi
By Jay Grady | 16/03/17 | Wi-Fi
When we think of security in the context of the IT world, we generally focus on threats from the outside world. However last week I had cause to think of it from a different perspective.
We’re currently having some renovation work at home which involved a visit from a plasterer and his labourer for the day. With dogs and cats corralled safely away and the plasterer setting up I made a trip out to a local client for a short meeting. On my return I popped my head in to the kitchen to check everything was going well, which it was. However the plasterer asked whether I was aware that my Wi-Fi ‘wasn’t working’? Now I’ve been in the wireless industry a long time and the IT world for even longer so I was impressed that the plasterer knew this and had diagnosed it with the aid of a bag of plaster and a water hose, remarkable skills indeed!
Having checked my inbox from the car via the Wi-Fi when I’d pulled up on the drive, I knew this wasn’t the case but I took the bait. “What do you mean ‘the Wi-Fi’s down?’” I asked. “Well” said the plasterer, “I looked on the back of your router and the passcode isn’t working!” All became clear. So, aside from the fact that no permission was sought before attempting this, and that he went into a part of the house he had no business to be in, this set me thinking. Now the router at home does not provide our Wi-Fi, and in addition having at one time worked for the company that provides wireless security to the Pentagon and 90% of the US military, our home is still protected via one of their systems. So, with enterprise grade Wi-Fi access points and the industry leading WIPS (Wireless Intrusion Prevent System) in play he really wasn’t getting any joy from the passcode on the back of the router!
But that got me thinking. This is clearly something they’ve done before. They knew that if they needed to hook up to the Wi-Fi you simply find where in the home the router is located and the nice long (and secure) alpha numeric passphrase is there ready and waiting for you. I should state here that in principle I have no problem with tradesmen using our internet connection when they’ve asked for it. We have used the same tradesmen for years now and they’re all trusted to both deliver a great job and be present in our home when we’re out.
However, what if they weren’t so trustworthy, what if they viewed content that was illegal in some way? In certain conditions, access to the Wi-Fi network could also be subsequently be gained from outside of the home for the lifetime of the passcode. Well I would be receiving a knock on the door from the boys and girls in blue I suspect. In due course I would hope that somewhere on my router a log would exist that would detail which devices had accessed which websites. But if it didn’t? Well I’d be in the same position as a huge majority of small and medium businesses that provide guest access with no thought to content filtering or logs to record which devices belong to which owner and which devices accessed what content. When the RIPA request arrives they now have the task of proving themselves innocent and ascertaining who it was that while using their IP address had broken the law.
With all of this in mind, it’s safe to say that guest access should not be taken or given lightly.
We can help mitigate these risks in several ways. One option is to provide a landing page or splash screen that requires users to acknowledge restrictive terms of service in order to access the open Wi-Fi. Another option to use a system to filter internet traffic, to block file sharing traffic or traffic to unwanted websites. To find out more contact us and we’ll be happy to talk through the best option for you.