There are varying degrees of wireless requirements depending on the type of space you run. But your top priority should be to keep your network secure – for your business and your customers’. In this chapter of our multi-part series on wireless for Coworking and shared workspaces, we’re picking apart the standard, run-of-the-mill open Wi-Fi network and providing expert tips on combating security flaws. Read on to learn how you can enhance your coworking Wi-Fi security.
Disadvantages of an Open Network
In over 16 years of experience working with operators and running workspaces, we’ve found that most locations have a basic wireless setup. It’s based on an open network with a common password that applies to everyone and is rarely changed. However, it’s all community and butterflies until someone gets hacked. This overly simplistic setup is susceptible to unauthorized use and can lead to a potential nightmare for operators. Even the most junior of hackers can steal someone’s private data and monitor or hijack devices on the network.
High Traffic in a Flexible Environment
By nature of the flexible workspace, there are people constantly in and out of the space. Some are resident members, and others one-time drop-in visitors. While some may be trusted, a few may be day visitors, guests or passersby with bad intentions. Once the name and password to the wireless network in your coworking space are known, it’s possible for malicious users to interfere with traffic to access files and private information by circumventing basic Wi-Fi security measures.
Complex Passwords Won’t Cut It
It’s not so much about having the most complex of passwords, although it helps a bit, as it is about who knows the password. Common, shared passwords, even complex ones are often written down on post-it notes, given to visitors to use, and they are seldom changed. The big problem here is with ex-employees. The once trusted admin or center manager who leaves involuntarily can simply hop next door, or even lurk in the foyer or street outside and access the network unless the password is changed. However, this means that potentially 200 people in your center must now change their stored password just because one person has left. This might happen every day, consuming precious time and resources and negatively impacting member experience. Imagine working from a shared workspace and having to connect all of your devices to the Wi-Fi network with a new password each day. Frustration levels are bound to rise.
Reputation over Convenience
On-demand, convenience and ease-of-access to Wi-Fi are compelling features for shared workspace consumers to log onto a network without second guessing security. However, in our experience, including a user-beware disclaimer on Wi-Fi login pages may not be a bad idea if you haven’t implemented the proper security for your network.
Horror stories speak to the need for operators to secure their Wi-Fi network. Low-security measures can leave you and your members vulnerable to having private financial, personal and business information stolen, shared or misused. With the right know-how and device, there’s nothing standing in the way of a “guest” coworker dropping into your space and connecting to the shared wireless network to capture contact information of your members for marketing purposes – or worse, steal and sell their identities.
This is not the sort of sharing in co-working that we want to encourage. It puts your workspace brand and reputation at risk. No operator can afford that in a competitive market.
Overcoming Security Flaws
First and foremost, to protect user data and prevent from an external attack patches, software updates, virus and malware defenses should be placed on all devices. Regarding infrastructure, the best alternative to standard Wi-Fi Security is implementing enterprise security where each user is assigned a unique username and password to access the network. Authorized users will have to wait for an email with login credentials to log on to the Wi-Fi.
Using this technical protocol makes it slightly more cumbersome to setup – an additional step with a minimal wait – but the result is a much more secure network; one that is truly limited to only those entitled to access it – your staff, your members, and authorized visitors.
Dedicated Member Access
Enterprise security and double authentication combined with dedicated VLANs per tenant are the best of both worlds. This solution uses a single SSID for members and tenants to securely access the network with unique device-specific login credentials. This way, operators can more effectively track Wi-Fi users, prevent password sharing, keep their network secure, and protect against revenue leakage.
Placing customers on their own VLAN gives administrators the ability to remove network access to departing, delinquent or late-paying members.
Hospitality for Guests
A vital part of building community in a shared workspace is hospitality. When it comes to guest visitors or day pass consumers, you want them to feel welcome, but you must also protect both the network security and performance for yourself and your members. Creating a separate SSID for the guest Wi-Fi network and putting short-term users onto a dedicated VLAN with specific guest bandwidth profile will help mitigate potential threats to both security and performance of your technology.
The idea is for visitors to sign into a portal and accept your terms and conditions of use. After a period of time, they will be removed from the guest network and will need to reconnect. Administrators will not only have visibility into who is connecting to the guest SSID, but the peace of mind that malignant guest users are not free to roam or threaten the privacy of your members and the integrity of your network.
An advantage to authenticating guest users is that while you’re at it, with their permission, you collect details for your own future marketing use and analysis. For day and guest coworkers, it’s worth making a unique Wi-Fi network available for one-off meetings and audio-visual devices to support streaming and presentation hook ups securely and without hogging bandwidth.
The objective is to create a safe zone for your members. Not just in terms of productivity and community, but also the security of their work and data.We can’t live without Wi-Fi these days. Make the investment in a proper, robust network that supports a growing community and ensures security.