Seven best practices for wireless cyber security

A good, solid understanding of effective cyber security is needed to protect information in a world where wireless communications are standard can have long-reaching effects on a personal and professional level. Note the following seven tips for wireless cyber security and link to more details on each.


Industrial Wireless Tutorials – a new Control Engineering blogWireless has become the communications medium of choice for many people. However, this is meaningless without a good, solid understanding of effective cyber security and knowing how to protect information whether it's at home or at work. Consider these tips and best practices for developing a robust wireless security system to protect sensitive information. 

1. Develop a cyber security plan

Most cyber security networks are compromised by "social engineering," when a person reveals secure information credentials to an unauthorized person by fraud or subterfuge. A well-conceived cyber security policy that includes education, monitoring, regularly changing passwords, and scrupulous maintenance of employee records and security credentials can virtually eliminate the threat posed by social engineering attacks. 

2. Don't assume the network is ever secure

No cyber security program is ever 100% secure. There is always an element of risk, particularly when dealing with an unbounded medium like wireless. It should never be assumed that any wireless communication is secure when using a public Wi-Fi hotspot or a foreign access point. It is not wise to assume that any wireless communication is completely secure or private. It is up to the client to ensure it is using the latest and strongest security methods. Being aware and vigilant is the best option. 

3. Pick a strong password

Figure: The diagram below shows the general relationship of the branches of cryptology. Courtesy: Daniel E. Capano, owner and president, Diversified Technical Services Inc.A strong password for cyber security networks—and anything else used on the Internet, for that matter—makes it harder for hackers to use brute-force techniques to compromise the user's network and private information. Basic guidelines include a minimum of 10 characters. Adding capital letters and numbers are highly recommended. While the password should be complex, it should also be something the user can type accurately and remember with little difficulty. And while it goes without saying: The password should never be divulged to anyone; if the password is shared the system is immediately compromised. 

4. Don't go for the bare minimum

Obsolete cyber security methods such as MAC filtering and service set identifier (SSID) cloaking are still used, but they provide minimal, if any, security on a wireless network. MAC filtering denies or allows a user access based on his unique hardware (MAC addresses). However, it is easy for hackers to spoof, or clone, an authorized device's MAC address. SSID cloaking or hiding is also ineffective because it does not secure the network or any data, and it's easy for hackers to compromise the system if mobile devices are involved. 

5. Encrypt the data

Encryption is designed to protect and obscure sensitive data so an outsider cannot read it. There are several methods of encryption, but in every case a cipher is used. The cipher protects the algorithm used by the encryption protocol. An intruder can intercept data broadcasts over a wireless network, but encrypting that data makes it very difficult for someone to decipher the information unless he or she has the proper decryption key. 

6. Stay up to date with the latest protocols

Wireless cyber security networks are constantly tested for vulnerabilities. It is a fact that eventually the latest and greatest security methods will be compromised. Wired equivalent privacy (WEP) was tested and cracked; temporal key integrity protocol (TKIP), which was designed as an interim measure, was also cracked. Wi-Fi protected access II—pre-shared key (WPA2-PSK), the current wireless network system, will also be beaten and replaced by something else. It is inevitable. It is the responsibility of system administrators to implement a solid security policy that supports and enhances physical- or software-based security solutions. 

7. Be vigilant and aware

Daniel E. Capano, owner and president, Diversified Technical Services Inc. of Stamford, Conn., is a certified wireless network administrator (CWNA) and writes posts for the Control Engineering blog, Industrial Wireless Tutorials.Diligence in monitoring and intrusion detection is essential to maintaining a secure system. Upgrading system software and equipment will allow a degree of "future-proofing" and pre-emptive defenses against sophisticated attacks.

To err is human, but following these tips provides some guidance in a world continuously changing and evolving at speeds most could not even comprehend at the turn of the century.

- Daniel E. Capano, owner and president, Diversified Technical Services Inc. of Stamford, Conn., is a certified wireless network administrator (CWNA). He can be reached at Edited by Chris Vavra, production editor, CFE Media, Control Engineering,

Key concepts

  • Best practices can improve wireless cyber security.
  • Develop a wireless security plan that works best for you.
  • Don't assume strong passwords and encryption protocols make your network safe.

Consider this

Do you have a plan specific to wireless cyber security in addition to wired security?

ONLINE extra

These wireless tutorial blogs from Capano provide more information on each topic.

Wireless security tutorial: Wireless intrusion detection systems and wireless attacks

Wireless security tutorial: Cryptology basics, fundamentals

Wireless security legacy, background

Wireless security legacy

No comments
The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by...
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
Controller programming; Safety networks; Enclosure design; Power quality; Safety integrity levels; Increasing process efficiency
Additive manufacturing benefits; HMI and sensor tips; System integrator advice; Innovations from the industry
Robotic safety, collaboration, standards; DCS migration tips; IT/OT convergence; 2017 Control Engineering Salary and Career Survey
Featured articles highlight technologies that enable the Industrial Internet of Things, IIoT-related products and strategies to get data more easily to the user.
This article collection contains several articles on how automation and controls are helping human-machine interface (HMI) hardware and software advance.
This digital report will explore several aspects of how IIoT will transform manufacturing in the coming years.

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

Infrastructure for natural gas expansion; Artificial lift methods; Disruptive technology and fugitive gas emissions
Mobility as the means to offshore innovation; Preventing another Deepwater Horizon; ROVs as subsea robots; SCADA and the radio spectrum
Future of oil and gas projects; Reservoir models; The importance of SCADA to oil and gas
Automation Engineer; Wood Group
System Integrator; Cross Integrated Systems Group
Jose S. Vasquez, Jr.
Fire & Life Safety Engineer; Technip USA Inc.
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
click me