Having just returned from the MIVA Conference, I’m sure my editor is quite antsy. I’m late with this column— not due to procrastination. I’ve always got something to say, but after I instructed a session on security for online store administrators, I realized that a great percentage of store owners are oblivious to security needs beyond the security of the server itself. Most of you have antivirus software, and perhaps you’re running a firewall (and, yes, you should be running firewall software even if your router has a hardware firewall). However, when it comes to wireless routers, I’m going to bet all my chips that you’ve missed a step, leaving your customer’s data vulnerable.
Your computer is simply a gateway to your server, so if you’re ignoring security on your own network, any measures taken on the server really won’t matter. There are a lot of myths about security, and making assumptions just makes us all look careless. So if you’re using a wireless (or wired/wireless) router, I urge you to stop what you’re doing and take some simple steps.
First, go grab the manual to your router. In there will be printed the default admin password and the SSID (that’s the Server Set ID, and it basically is a name for the router which connects your computers to each other and the Internet). My bet is there’s a 75 percent chance that your password and SSID are what’s printed on the page (which means I know how to access your router’s configuration).
Now go read up on MAC filtering (which lets you restrict connections to specific devices) and the connection limits (Hint: if you have two computers and nothing else to connect, set this number to two). You’ll also want to enable encryption and disable remote administration (so I can’t get in from the outside and bring down your network), and, if you can, disable DHCP (which auto assigns IP addresses to each device). While you’re at it, disable any features you don’t use.
If you’re among the elite, you’ll find everything I’m rambling about elementary and, well, beneath your knowledge level. I, on the other hand, was in awe at how many people were in a virtual panic even while I was speaking. Several approached me the next morning to report how many wireless connections they found while connected from their hotel rooms; the winner was a guy who found nine wireless networks, of which seven were sitting ducks for hackers.
File sharing setup
Everyone (regardless of wired or wireless connections) needs to make sure that file sharing, if used at all, is enabled properly. When you hook your laptop into anyone’s network, you’re system can be vulnerable to attacks, and if you’ve been void of taking any steps, there’s possibility a hacker can gain root access right into your system. If you don’t run a network at home or office, just disable file sharing, and make sure to use a software firewall to block anyone knocking on the door. If you must use sharing, make sure it’s restricted specifically to the directories necessary. Then make sure to use password access and to disallow others from changing the files.
Since it’s impossible for me to give you every possible step of protecting your data, you need to take time for additional research. If you are throwing your hands up saying, “Who’s going to care about my little business?” and simply walk away from any precautions, then when something does happen (and chances are better that it will), you’ll have no one to blame but yourself.