IT Insight: Wireless network protection

Business notebooks are designed for longevity, productivity, and all-day use in mind. They are typically more durable than most consumer notebooks.

The differences between what you may purchase at a big box store versus a recommendation from your IT provider, based on your business needs, vary. Typically, a consumer-based notebook is less money. The quality of the products of the components within it is nowhere near that of a business notebook. Like anything you buy, there is always a consumer version of something specific for your task in mind. For instance, the consumer notebook will include Windows Home, not Windows Pro, as Windows 10/11 Home costs less money, has no built-in management, slower hard-drive, and less memory.

A consumer notebook does not connect to a business network (Domain/Active Directory) or with Microsoft’s 365 Azure/Intune. It is not as secure with online applications. Additionally, most consumer notebooks are going to have a one-year warranty and a commercial notebook typically has a three-year warranty. Overall, better components which will give you better performance and longevity, more rugged, Windows 10/11 Pro to connect to the network and a better warranty with components that allow you to manage that device remotely set commercial notebooks apart from consumer ones.

Let us look at the differences between residential and commercial wireless networks and offer tips on how to secure your network with an emphasis on the risks of employee cell phones and remote workers. Many people use wireless for their mobile devices and to connect to their computers and especially notebooks/tablets or iPads for accessibility to their workplace both remotely and even within the workplace.

How should a company determine what they need for wireless and the wireless network? The actual business needs dictate the necessity for wireless. You could be in manufacturing with a need for tablets or machines on the floor to collect data. You could be an oil/propane company and need wireless devices in your trucks to access your line of business application. But in the office, the wireless trend continues to grow. People want more mobility, they want flexibility to get to the conference room, they want the ability to hit the road and work from home. Today, everyone wants everything now, so wireless is critical in every business.

To do wireless right, you need a wireless assessment to determine the locations for coverage, the number of access points /density to accommodate all your users and devices and most importantly security.

Most PC’s are hard-wired. In today’s work environment, especially with the Pandemic and adaptation of the remote workforce, employees working remotely may not realize that when they come to work, they are not hard-wired into their on-premises network.

What are the differences between what we have at work and what we use at home for connectivity? Wireless routers that we have at home and in a small office, provide an easy installation without cabling. This wireless router connects your Wi-Fi enabled devices like notebooks, tablets, and smartphones wirelessly. It also provides digital television service and can be used for VoIP (Voice over IP) calls. Your home router also provides basic protection including a password to defend against threats outside of your local area (home) network. While this model works great at home, it is a consumer-based solution, and is not adequate to cover an entire facility, such as a five-thousand-foot manufacturing floor, or a business with twenty-five or more users.

Your home device is not a secure device, and it does not provide the necessary secure connection to your office to protect your business and data against a cyber-attack. In a business environment, there are many people using their phones, tablets, or notebooks to access network resources, VoIP phones, security cameras, HVAC, Door access and the IoT (Internet of Things).

Each wireless access point “WAP” can only handle “X” amount of people or devices on that wireless access point, called the “density” of an access point. An example of this is a golf course or convention center where you have an event with one hundred plus users trying to get on the wireless. You would therefore need multiple access points to accommodate this usage to give users a positive wireless experience.

At the SMB and Enterprise level, a wireless access point (WAP) provides Wi-Fi capability to an existing hard-wired network. It bridges traffic from wireless devices into your wired network. A wireless access point can be stand-alone or be part of a router and allows devices without built in Wi-Fi to access a wireless network via an ethernet cable. A wireless point is beneficial in the workplace as it can extend the wireless coverage of your existing network, especially as users are added in the need of future growth. Where access points are located is determined by things like the infrastructure and building materials of your space, the height of your ceilings and location of your users.  A thorough wireless assessment is necessary with this option to determine where all the access points should be installed for adequate coverage. This will allow for proper budget for wiring runs and the number of access points needed for connectivity for all your company wireless and device connections. You will also need to address your network infrastructure and have the correct POE “Power of Ethernet switches in place to manage these wireless devices.

One of the greatest risks to your business network is cellphone usage. All cellphones, whether employee or guests, need to connect via your guest/public network. Never allow cellphone connection to your private network.  It is a huge vulnerability cyber security risk. Address cellphone protocol in your employee handbook stating the expectations regarding use of your private network. Any savvy user that knows the private network password can get on. As part of on-boarding new employees, HR needs to emphasize that “Company data is our livelihood, and we need to minimize risk by protecting that data, our reputation and earnings.”

Make sure there are protocols and processes in place if your employees work from home on their wireless. Lock down the home wireless as well to secure your remote workers.  They should not share a home modem with the rest of the family. That is not truly private or safe and is a further risk to your business network.

It is also common for businesses to add a firewall or wireless access points at their user’s homes for direct, secure access creating a VPN (Virtual Private Network) tunnel. Network traffic coming from the home to the work is more secure and separate from the wireless your employee may already be sharing with children and guests. It is a strong recommendation to add a VPN/Remote access appliance to ensure a secure site to connection, such as the Meraki, Fortinet or Ubiquiti Managed Teleworker Gateway appliance.

How do you know if your employees are using their cell phone to go onto the private work network? A cloud management portal is a great way to manage this. You will be able to “see” who is on and if there are too many cell phones on it or a wireless device with issues, you are able to remove them from that connection via a managed wireless device such as Meraki, by Cisco, enterprise mobility and security management. You can manage what they are trying to access and limit this such as streaming music which clogs up your Internet pipe.

Security concerns with remote workers, wireless connectivity, cell phone connectivity to your business is vital. This should be part of your business plan and security practice to minimize your risk and improve your security presence which also supports your Cyber Insurance Policy.

Your managed service provider can guide and get you there. Do it right, and you will not have any issues.

JoAnn Hodgdon is vice president and co-founder of Portsmouth Computer Group (PCGiT) with her husband David. PCG provides comprehensive managed IT services, business continuity, security, cloud computing and Virtual CIO services to their clients. You may reach her at or at