8 Precautions to Take When Offering Guest Wifi
One of the best ways for a small business to make their mark on a community and get ahead with a brick-and-mortar venue is to offer guest wifi. This is something that is traditionally only available in chain and franchise locations in which the entire line of venues is known for wifi, despite the fact that it's remarkably easy to set up. If you've got a growing local customer base of students and professionals, guest wifi is ideal for drawing people to your door and keeping them inside once they arrive. The ability to check their emails, play games, and even settle in for some remote laptop work means that your venue can quickly become a hotspot of trendy modern activity and even a refuge for travelers working with a finicky GPS.
However, there is one unavoidable risk if you do choose to open up your venue to an in-person online community, and that is hackers. This malicious aspect of the digital age has recently been perfecting their techniques to crack into business computers through guest wifi, spy on other guests, or spread their malware through guest wifi networks. To help you offer a great service without the liability, be sure to take these precautions when setting up your guest wifi network.
1) Completely Separate Network
First and foremost, be sure that your guest wifi is in no way connected to your business network. Get a separate router and possibly even a separate internet plan for the guest wifi so that there is zero way to reach your business data and computers through guest access. Don't just secure an alternate route, use a completely separate network.
2) Captive Portals
A captive portal is what you see when you connect to the vast majority of guest networks. This is a special page that users are sent to that lets them know who is providing the wifi and often includes a few terms of service to agree to. While it may feel 'cool' to forego the captive portal, don't. Not only do you get a little free advertising from people skimming around for free wifi networks, it also allows you to track and control the flow of traffic through your network.
3) Individual Guest Accounts
The first thing any guest should do on your wifi network is to create a guest account. The credentials can be almost anything as long as they are secure and remembered by the system. This ensures that no one gets into your wifi without giving a working email address. This also has the benefit of creating clear metrics for new and return customers based on wifi logins alone.
4) Warnings and User Agreements
As your customers are creating accounts and/or logging in, be sure to add a few extras that will both enhance security and lower your liability. First, make them at least skim and then agree to a user agreement that states they will not hack or use abusive language (so on and so forth) while using your guest wifi. This way, if they break the rules you have legal grounds both for your liability protection and to sue hackers. Second, include a warning for non-hacker visitors to remind them that all public networks are inherently unsafe and to be careful what they access while using your wifi.
5) Encrypted and Password-Secured
Encryption is a great approach to almost all cybersecurity questions, as is password protection of anything important. Encrypt everything you can and all data you handle immediately and make sure that users log in with their secure passwords upon returning to your wifi network. While it's alright to have some password memory features, be sure they are device-local, encrypted, and consider a picture-password for added security.
6) Approved Guest Access
If you are a more exclusive service than a wifi-capable coffee shop, you may actually want to personally approve each guest account before they can access. This is how some hotels do in order to limit their wifi access to staying guests only or banks that allow guests to access the web in order to get their paperwork in order. If this applies to your industry, you'll want a way for a few select employees to approve of wifi-access requests for guests.
7) Browsing Policies & Bandwidth Caps
The next thing to consider is that some websites are safe and some are extremely not safe, as is the ability to download or upload through your wifi. Just like many schools do in their computer labs, consider creating a blacklist of known 'bad' sites along with some basic browsing policies for your wifi access including ad-blocking and bandwidth caps. These can combine to thwart basic hacking attempts and prevent one guest from using up everyone's internet with bandwidth-intensive uses.
8) Nuke-and-Pave Cybersecurity
Finally, while you may have superb firewalls, anti-virus scanning, and other cybersecurity measures, remember that your guest wifi is essentially exposed to the public and might become infected or misused at any time. If this happens, be ready to nuke and pave the entire network configuration and restart from a clean backup and factory settings. With this approach at the ready, it won't matter what happens to your guest wifi because it'll be back up in less than an hour.
For more small business network and data security tips, tricks, and trends, contact us today!