Wireless vulnerabilities can open the door to catastrophe. Unprotected connections are prime opportunities for hackers to access sensitive financial information.
Even wireless LANs can have rogue access points, which are gateways that have been installed on secure company networks without the permission or knowledge of the local network administrator.
These access points are usually installed without malice, but sometimes they are created to allow a hacker entry.
The end result is the same: disaster. Loss of revenue due to diminished client confidence and sanctions from regulatory bodies can mean the end of a formerly strong business.
This article explores the different ways that Los Angeles investment advisors are securing wireless networks from cyber-attacks and preserving their firm’s integrity.
Implement and Enforce Security Policies
If a firm does not have a security policy in place, it needs to have one drawn up, reviewed by an attorney, and signed by all employees. A thorough policy will cover the following points:
- Minimum password complexity
- Prohibited site types
- Accessing the network with personal devices
- Procedures for employee termination
By making employees aware of the hidden dangers they might unwittingly enable, a financial advisory firm can focus on securing wireless networks against the threats that exist outside the organization.
All company wireless access points should be secured with WPA2 encryption. WEP, which many businesses still use, is considered outdated and is relatively easy to break. If there are older computers and handheld devices that only support WEP or WPA (WPA2’s predecessor), update or replace them entirely. WPA2 includes the secure AES encryption algorithm, which will frustrate the attempts of most cyber-thieves.
Avoid Using the Network’s Default SSID
Wireless routers can broadcast the name of the firm’s network, otherwise known as the SSID, to the public at large. Although hotels, cafes, restaurants, and other businesses that offer free Wi-Fi to the general public find this feature useful, there is no reason for a private network to broadcast its name and presence.
Concealing the SSID will deter novice attempts at penetrating the network, but to deter more experienced hackers, refrain from using the default SSID as well as common, easily guessed names.
Dedicated cyber-criminals have assembled tables of password hashes to find a WPA password rapidly. Because these tables are tailored to individual SSIDs, using a name that is not on their list will make finding the password much more difficult.
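The reason a precomputed table is tied to one network name is that WPA/WPA2-Personal derives its master key from the passphrase with the SSID as the salt. The following Python sketch is an added example, not part of the original article; the SSID list, the wordlist, the network names and the helper names are constructed for illustration.

```python
import hashlib

# Constructed sample data (assumptions for illustration, not from the article).
COMMON_SSIDS = {"linksys", "netgear", "default", "dlink", "wireless", "home"}
SAMPLE_WORDLIST = ["password123", "letmein2024", "qwertyuiop"]


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-Personal master key: PBKDF2-HMAC-SHA1 with the SSID as the
    salt, 4096 iterations, 32-byte output."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def build_table(ssid: str, wordlist: list[str]) -> dict[bytes, str]:
    """Model of a precomputed table: every entry is bound to one SSID."""
    return {derive_pmk(word, ssid): word for word in wordlist}


def table_covers(table: dict[bytes, str], passphrase: str, ssid: str) -> bool:
    """True if a table lookup would match the key this network really uses."""
    return derive_pmk(passphrase, ssid) in table


def audit_ssid(ssid: str) -> list[str]:
    """Flag network names that precomputed tables are likely to exist for."""
    findings = []
    if ssid.lower() in COMMON_SSIDS:
        findings.append("SSID is a factory default or common name")
    return findings


if __name__ == "__main__":
    table = build_table("linksys", SAMPLE_WORDLIST)
    for name in ("linksys", "Kestrel-Cap-4471"):  # second name is constructed
        print(name, "| findings:", audit_ssid(name),
              "| table matches weak passphrase:",
              table_covers(table, "password123", name))
```

A unique SSID only removes the precomputation shortcut: the same weak passphrase yields a different key under a different network name, but it remains guessable, so the passphrase itself still needs to be long and unpredictable.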
Once safeguards are in place, never assume that they will work as expected. Wireless networks and devices need to be penetration tested, and random assessments should be carried out to find and fix new vulnerabilities.
By taking the time to restrict network visibility, apply strong wireless security encryption, and reduce the likelihood of an employee-introduced vulnerability, financial advisory firms can meet both client and auditor expectations.