Coworking spaces are on the rise with the increase in the number of remote workers. Many organizations have moved towards coworking as the shared office model offers similar benefits as that of a conventional office, such as a stable internet connection and in-person collaboration.
These spaces attract a wide range of people – remote IT workers, freelancers, startup owners, large businesses, and hobbyists. This diversity is another one of the strengths of coworking, but a mixed-used network has more vulnerabilities than you might expect. Shared networks require superior security measures, otherwise you risk huge security mishaps such as the cyber attack that brought WeWork to its knees.
If you are a coworking space owner or part of IT, you may have doubts such as:
“Does my co-working space ensure privacy?”
“What makes users feel safe using the space?”
“How to provide fast, steady, and safe Wi-Fi?”
“How to provide easy internet access?”
“What makes a coworking space fail?”
“What security precautions are needed for a public WiFi network?”
From cybersecurity threats to physical thefts, there are a number of ways a co-working space could be the perfect target for credential harvesting. Make sure your coworking experience is safe and secure by implementing these best practices.
Tips for Securing Public Wi-Fi in Coworking Spaces
Password Protected Wifi is Not Enough
Co-working spaces bring in an interesting mix of people across plenty of industries. It only takes one cybercriminal to compromise the data of hundreds of others. Hackers can penetrate a company’s defenses quickly, sniffing the WiFi to examine the data transferred over the air. This can lead to unmitigated access to everything from usernames, passwords, and your browser history.
Because of this, it is no longer enough to just have password-protected WiFi (such as WPA2-PSK). Anyone can book a pass to the office for a day or an hour. That would be all a potential hacker needs to get in the building and the Wi-Fi password. Even if it wasn’t just a single preshared key, all they would need is Wi-Fi-sniffing tools like a Pineapple or Wireshark to gather the data. And if the co working space has no additional security measures — no firewall or separate networks – it can easily get hacked. If your users’ data is exposed similar to what WeWork users experienced, will your co working space survive?
Establishing a strong and secure network is key to avoiding a data breach. It is up the coworking space to protect their members.
Improve Network Capacity
Being connected to the internet means there is always the potential that you could receive lots of traffic. Huge traffic can cause stability problems and may expose vulnerabilities in the system. A coordinated flood of traffic is called a Distributed Denial-of-Service (DDoS) attack, and it can interrupt service for hours.
A DDoS attack is a simple but effective cyber attack in which machines or networks are overloaded with requests to make it unavailable. Attackers achieve this by sending more traffic than the network can handle, causing it to fail—making it unable to provide service to its legitimate users. One of the most devastating results of a DDoS attack involves ransomware and websites that are held hostage until payment is received. DDoS attacks are on the rise, so companies that specialize in protecting against DDoS attacks are a big help. Examples include Cloudflare, a content delivery network that spreads its client’s traffic across its many data centers and so can quickly recognize and filter out a DDoS attack before it hits an organization’s network.
The more you know about what normal inbound traffic looks like, the quicker you will spot the start of a DDoS attack. Network security promotes reliability of your network by preventing lagging and downtimes through continuous monitoring of any suspicious transaction that can sabotage the system.
Replace WPA2-PSK with WPA2-Enterprise
WPA2-Personal is common in homes, cafes and co-working spaces – it’s a security type that requires a preshared key (PSK), hence the pervasive question “Can I get the Wi-Fi password?”. How hard can it be to wreck havoc on the network by stealing the PSK? A survey found that 74% of IT decision makers say data breach involved privileged access credential abuse.
Since the security of the whole WPA2-PSK network relies on every single user to adhere to rigorous security standards, the reality is there is no way to maintain a secure perimeter.
Use WPA2-Enterprise to Secure Co-Working Space Wi-Fi
WPA2-Enterprise provides the strongest protection for Wi-Fi authentication. It has been around since 2004 and is still considered the gold standard for wireless network security for coworking spaces, organizations, and institutes, delivering over-the-air encryption and a high level of security
The amount of customization you can do to tailor your network access policies is the beauty of WPA2-Enterprise.
Authenticate Individual Wireless Users
A WPA2-Enterprise network doesn’t just use a password, but instead a username and your (unique) password for each user. It will be a challenge for any outside attacker to obtain network access. Additionally, if a single password is compromised, it can just be reset, while WPA2-Personal would require you to choose a new password, removing every device using it from the network. However, it requires a RADIUS server for Wi-Fi authentication.
Digital certificates for authentication
WPA2-Enterprise can be configured to use digital certificates for authentication. A device equipped with a certificate is automatically authenticated and cannot fall prey to any of the credential attacks such as MITM, Phishing, Rainbow Table attack, credential stuffing, or Dictionary attack. It’s more convenient for users and provides much stronger security to protect the network.
With certificates, a user’s only link with the authentication process will be the initial configuration process. After that, they are always automatically authenticated when in range of the network and can use the internet without issues.
Implement Role or Attribute Based Access Control
WPA2-Enterprise makes user or group based access policies possible. A WPA2-Enterprise network can be segmented to provide separate network experiences for different users on the same network. As a result, the risk of damaging data breaches is far reduced because fewer users have access to sensitive resources. This also ensures that even if part of your network is compromised, the rest won’t be affected.
Enable WPA2-Enterprise for Coworking Spaces
WPA2-Enterprise requires a RADIUS server, which is responsible for user authentication. Access points and some spare server space are what needed to make WPA2-Enterprise work.
This network is most often used by businesses, institutes, and governments as it offers near-impenetrable security.
SecureW2 Can Deploy WPA2-Enterprise Network
SecureW2 is an industry leader in WPA2-Enterprise security solutions – we have all the tools, from certificate-based authentication to device onboarding, to make your WPA2-Enterprise network as safe as possible. Our Onboarding software guides users with simple steps designed for anyone regardless of technical skills (thus eliminating the confusion during misconfiguration). Check out our onboarding solutions here.
Remote work is the future. With our Turnkey Managed PKI, 802.1x Onboarding, and Cloud RADIUS Server, you can take advantage of excellent network security alongside an awesome end-user experience. Ready to get started? Check out SecureW2’s pricing page.