Today, more and more businesses – from coffee shops to hotels to corporate headquarters – are offering their visitors wireless internet access via guest Wi-Fi networks. As a result, people expect to be able to access Wi-Fi everywhere they go. Guest networks are widely considered to strike the best balance between ensuring that visitors have the connectivity they need and maintaining the security of a company’s internal network.
However, not all guest networks are created equal. The way you set up and manage your company’s visitor network can have a big impact on its performance. If your business is considering creating a guest wireless network for visitors or customers, read on to learn about some important best practices that can help your network operate at its best while staying safe and secure.
Be aware of what potential problems you may encounter.
Guest Wi-Fi networks bring a different set of possible problems than those associated with your company’s standard internal network, and the more you know about what those problems are, the better prepared you can be to deal with them if they do occur.
For example, because so many different devices are used to access a guest network, it is particularly vulnerable to malware. While individual users should be held responsible for the health and security of their own devices, not everyone takes care to ensure their devices are properly protected. Unfortunately, it only takes one user with a malware-infected device to cause damage to, or slowdown of, your entire network.
In addition, because guest networks are frequently being accessed by a large number of devices simultaneously, signal speed and strength can sometimes be a problem, as can overall network failure or downtime. Take the time to consider what problems your guest network might experience, and ensure that you have troubleshooting policies developed and in place before you need them.
Be smart about passwords.
It’s an obvious point, but one that can’t be overemphasized: your company’s guest Wi-Fi network should never be unsecured. Even if it’s only used by a small number of people, a guest network should always be password-protected.
That password should also be changed on a regular basis. If the password never changes, your network is effectively unsecured. Furthermore, consider handing out the password on an individual basis rather than broadcasting or displaying it publicly. This helps to ensure that only visitors who have the right to be on your business premises can use it.
Consider per-user login keys rather than a single password.
For even greater network security, you may wish to consider assigning unique login keys on a per-user basis rather than having a single password that everyone uses. Under this system, each visitor is given an individual code with which they can access the guest network.
This makes it easier to block access for specific problem users without impacting anyone else on the network. It also allows the option of having login credentials expire after a predetermined period of time (24 hours or several days), which eliminates the problem of future unauthorized reentry to the network. This is an especially useful option for larger businesses whose guest networks are typically used by corporate visitors or clients.
Ensure appropriate use.
Not everyone is aware that if a visitor uses a guest Wi-Fi network for inappropriate or illegal purposes, the network owner – in other words, the business – and not the visitor can ultimately be held responsible. To enforce appropriate use and make sure that no one is doing anything on your guest network that they shouldn’t be, it’s a good idea to create a “splash-page agreement.”
This is a webpage that all visitors must pass through before accessing the guest network. Typically, such a page will outline network access rules and policies, and ask guests to click a button to agree. Without agreeing, visitors can’t access the network. If they do agree, your business will have some degree of protection if the online activities of a visiting user violate your company’s policies or any local laws.
Implement bandwidth limits.
A single user who decides to download a pirated movie on your company’s guest Wi-Fi network is not only violating policy and laws, they are also taking up a huge amount of bandwidth. This makes the network connection slower and less reliable for everyone else using it.
To prevent this problem, you can implement bandwidth limits on your network that will ensure that no one visitor is using more than his or her fair share of the connection.
Analyze network usage.
A guest Wi-Fi network may be a service that your business provides to customers or visitors, but that doesn’t mean that it can’t be useful to your company as well. Implementing data capture capabilities that allow you to gather information about guest network usage can help your company gain important insight on who is using your guest network, when, and for how long. You can use this information to provide better service to your users and customers.