Wireless Networking - Making it Secure
After discussions with Richard Wall, Operations Manager, Modern Investigative Solutions about the lack of adequate data security amongst private investigators and others discussed in our recent article, Richard has been kind enough to give us insight into the very issue and how simple it can be to protect your information. Richard writes:
So the idea is to make sure you keep your information secure! It's not as hard as you may think and it's actually quite inexpensive.
I could go on for ages about the packet composition of the TCP/IP protocol, but that's best left for another very long winded article. Suffice to say this protocol, developed by the US government, is actually pretty cool. It remains, after nearly 40 years of existence, the only communications method that cannot be intercepted between its origin and destination.
So why the need for encryption you ask? Well that's simple, because you don't know what security measures are in place at the destination. To clarify, the destination may not be the addressee of an email! Email servers store a message until they are retrieved by the addressee so you need to ensure your service provider has sufficient security on their servers, most will. If for some reason they don't you can be rest assured that your sensitive data will be safe with encryption.
So how do you make your end secure and reasonably hack proof? The first lesson is that there is always someone capable of breaking your security, but you have to ask yourself why? In our industry I guess to a certain extent it goes without saying, but how would someone know it's you. How do they know how you connect to the internet and what your IP address is? In simple terms they don't, but if you blab about these details you can quickly become a target. The lesson is simple, the less people know about your configuration the safer you will be. The biggest threat anyone has on the net is a random attack, these are people that aren't looking for anything in particular but can cause a lot of malicious damage.
It's the 22nd century! In this day and age, if you're conducting a business in any form you should be using broadband, or high speed internet as it is also known. Having a permanently connected computer does increase your risk, but is easily mitigated. In fact, taking a few simple precautions can make your computer extremely difficult to gain access to.
If you are on a broadband connection (and you should be), you should be connected by a NAT based Router/Modem. Network Address Translation (NAT) is incorporated into most Router/Modems these days. They provide a physical barrier to most type of attacks and are usually very cheap to purchase and easily configured. Most people have a NAT based Router/Modem and they don't even realize it. The easiest way to determine this is to see how your computer connects to the internet. If you have to click on an icon on your computer to connect to the internet, it's more than likely your connecting via a stand alone modem. If you turn your computer on and it is already available because you have a little box that looks after it for you, it is most likely on a Router/Modem, these will almost certainly have NAT although this is not always the case, you should contact the supplier and ask them. If your setup is the first configuration, then I strongly urge you to purchase a Router/Modem and have it installed. The Router/Modem will cost about $150-$250 and installation should take no more than 20mins to complete.
So why is NAT so good, because there are two IP ranges in use. The Router/Modem connects to the internet on an IP say 127.84.27.143 and maintains that connection for you. Your computer intern connects to the router on an IP of 192.168.1.1. So your only exposure to the internet is 127.84.27.143, so if someone tries to hack that IP, all they will get is a small box that has nothing in it!
The Routers job is to get the traffic that comes in on 127.84.27.143 and route it to the correct internal IP of 192.168.1.1, hence the term Router. Most routers also have Firewalls which help contribute to the security as well. There is a lot of fancy settings in most of them that will assist you to manage your connection, particularly if you're running a VOIP service as well.
This type of basic configuration should be the very minimum someone should be using to keep their computer/network safe. Used in conjunction with a good quality Antivirus, a correctly configured firewall and data encryption, you can breathe a little easier knowing that it is going to be damned hard for anyone to get through.
Richard Wall
Operations Manager
Modern Investigative Solutions
www.misgroup.com.au
