A reader who will remain anonymous (he can out himself if he wishes) sent me an interesting observation. He was in his doctor’s office last week, and out of curiosity, he ran a wifi scanner on his phone just to see what networks were available and how they were secured.
What he saw wasn’t pretty. Especially considering he was in a building full of doctors, lawyers, and financial advisors.
He saw 11 networks, total. Of those, 4 networks were straight-up WEP. One was WPA2, but had WPS enabled. One was straight WPA, and two were dual WPA/WPA2.
Only 3 of the 11 were WPA2 without WPS, which is the textbook way to configure a network securely. Five of the 11 networks were configured in such a way that someone could break them easily, using known vulnerabilities.
I don’t think I’d fire my doctor over that. An attorney? It depends, but I’d certainly want my estate attorney to have a secure network. And I wouldn’t hesitate to change financial advisors over such a thing. After all, these professionals have a lot of your information, and if someone were to steal that information via their networks, you’d have a big mess to clean up, and you may very well never know where the perpetrators stole the information. The only way to fix it is to raise awareness. And asking the question is the first step toward raising awareness.
Securing a wi-fi network took 30 minutes the last time I did it.
One thought on “Doc, what security settings are you using on your network?”
I did some computer work for a doctor friend of mine a few years work. When I told him that he had a completely open and unprotected wireless network, he insisted that he did not, even after showing him. After a bit of investigative work we tracked it down to his network closet. Apparently he had upgraded his old wireless router to a newer one, but no one had turned the old one off.
I also found that he was renting three servers, one of which wasn’t even powered on and the other two using about 5% of their resources. My friend was definitely getting some bad advice from a “friend of a friend” who had turned him on to a fairly crooked IT group. We got things straightened out eventually.
Comments are closed.