Author: Sue Poremba
Date published: July 15, 2024
Mobile devices are increasingly important to the modern workforce—more than 50% of personal devices were exposed to a mobile phishing attack in 2022 according to the Verizon 2023 Mobile Security Index (MSI).1
As the MSI shows, the more customer data, intellectual property and core systems a mobile device has access to, the greater the possible consequence of a compromised device.2
This is why access point security is important for organizations. A wireless access point (WAP) allows mobile devices to connect to your network and is critical to maintaining the balance in providing a fast connection for mobile devices that also is secure.
An access point is a device that allows Wi-Fi-capable devices to connect to a wired or wireless network and gives users direct access to an organization's network. It creates a wireless local area network (WLAN), most often used in an office setting, and allows large numbers of users to connect to the internet at any given time.
Many WAPs support multiple levels of network access to accommodate different use cases.
In a hotel, for example, WAPs could be set up for guests to cover the various ways they may need to access a hotel's network: patrons in rooms, conference attendees, restaurant diners, or visitors hanging out in the lobby or pool. These access points would be kept separate from those for employees’ use; enterprise employees and other trusted users would use a higher level of network access and security.
Utilizing a wireless access point gives you the ability to provide quick and secure access to data, applications, and tools for your employees, customers and others through their preferred mobile devices. It also offers scalability, eliminating the need to find a wired setup for anyone who needs internet access but doesn't need a permanent on-site location, such as contractors, part-time employees or clients.
WAPs also can be used to address potential bandwidth issues by providing network access in locations where large groups regularly gather with different connected devices, such as shared living and working areas. WAPs come in many models and capacities to accommodate large indoor or outdoor groups.
Traffic management is another benefit of using wireless access points. The ability to segregate traffic allows for more predictable network performance and for mission-critical applications to be prioritized.
Access point settings are the doorways between your device and the network you are accessing. They can define individual settings, network related configurations, connectivity types, security settings and more. Among key WAP settings are:
IP address: Each wireless access point requires a unique IP address, which should align with the organization's IP address.
Radio channel frequencies: Devices within close range should be set to different channels to avoid conflicts and WAPs interfering with each other.
Service set identifier (SSID) settings: SSIDs in simple terms is the network name. For example, if you are at a hotel, the SSID could be Guest Wi-Fi. SSIDs can be set for each individual WAP or applied to a wider access point site that has multiple devices in order to differentiate between multiple Wi-Fi networks present in one area.
While a router provides a wireless internet connection and acts as a local area network (LAN), access points are designed to extend a network's wireless coverage. The router is a hub for the network; the WAP is a device that allows more devices to be connected to the network.
Wireless routers include a single WAP within the router device. Routers are commonly used in homes and are ideal for small businesses with minimal connected devices and wireless range needs. Stand alone routers plus multiple wireless access points are ideal for larger businesses where more connections are required.
Access points can be configured in different ways, including:
Root access point: This WAP configuration provides a direct wired LAN connection and allows users to remain connected while moving around if multiple WAPs are connected to the LAN.
Repeater (non-root) access: This configuration extends the WAP's range, including in situations where an obstacle blocks radio communication, by forwarding traffic between different access points or repeaters.
Bridges: Access points can be configured to be used as a bridge between multiple networks. WAPs can function as either a root or non-root bridge.
Given that wireless access points provide access to your network, it's critical to understand the security risks associated with WAPs.
Threat actors can use wireless connections to gain access to user credentials, making WAPs—especially those with public accessibility—a security risk. According to the Verizon 2023 Data Breach Investigations Report, a majority of breaches involved stolen credentials.3 To obtain credentials and gain access to wireless networks, threat actors can engage in:
Eavesdropping or sniffing: Perhaps the most common risk, this action occurs when threat actors intercept wireless data transmitted on an unsecured or poorly secured and unencrypted wireless network.
Spoofing: Threat actors pretend to be a legitimate identity to gain access to a network.
Evil twin attacks: Threat actors may create a WAP with the same SSID name. A user may then unknowingly connect to the fake access point, allowing the threat actor to intercept and compromise data.
Exploiting poor security practices: Practices like poor password management, accessing public Wi-Fi or lack of encryption opens up opportunities for hackers to gain access to the wireless connection. Read Verizon’s Mobile Security Index Report to learn more.
The federal Cybersecurity and Infrastructure Security Agency (CISA) offers recommendations on how to best decrease risks to your wireless access points, including by:
Improving password management, especially changing any default passwords on your WAPs.
Using basic security best practices, such as firewalls and encryption, and making sure WAP software is kept patched and updated.
Requiring connection through a virtual private network for all employees to ensure all connections are secure and encrypted.
A wireless access point security solution can provide seamless, secure access to your network. Verizon's Mobile Private Network can securely extend your apps and wireless resources anywhere the Verizon wireless network is available. Learn how partnering with Verizon can bring critical tools and data to anywhere your employees and devices need them.
The author of this content is a paid contributor for Verizon.
1 Verizon, Mobile Security Index 2023, page 18.
2 Ibid.
3 Verizon, 2023 Data Breach Investigations Report