Wifi woes killing your productivity? Find out why here! (And learn more about Wifi!)

Good Day CopyLady family! It’s me again, the crazy yet awesome help desk geek, here to serve up even more helpful knowledge to keep your business running!

Wireless networking, or WiFi (Short for Wireless Fidelity, kinda like Hi-Fi was for stereos): Networking technology that no one can do without in this day and age. You can’t go anywhere and not find WiFi (Well, you COULD visit the town of Green Bank, WV, where Wi-Fi (and any other sort of wireless signaling) is illegal due to the radiotelescope that’s housed there!).

Some of you out there may think that WiFi is a recent innovation, but…….it is not! In 1991, NCR and AT&T invented the predecessor to today’s Wi-Fi standards, known as WaveLAN. Testing on wireless networking was conducted as far back as 1989 even! The first commercial implementation of what is known as IEEE 802.11 was created in 1997, and just two years later, updated to the more commonly known standard: 802.11b. The WiFi Alliance itself formed in 1999. The original 802.11 standards were largely single band, operating in the common 2.4GHz radio space. 802.11a would come out in the year 2000, bringing 5GHz Wi-Fi networking with it.

There are dozens of 802.11 versions in existence, although the common ones one will encounter today are 802.11n (Wifi 4) 802.11ac (Wifi 5), and 802.11ax (Wifi 6/6E). There’s also 802.11be, which is the upcoming Wifi 7 standard, but this is not yet available. You may notice that 802.11ax has TWO labels: 6 and 6E. The key difference here is 6 is standard dual band (2.4/5GHz), while 6E introuces 6GHz channels alongside the two regular ones. Wifi 7 and beyond will incorporate all 3 as a standard. Older standards are, of course, 802.11b and 802.11g, which are older, single band (2.4GHz) standards, while 802.11a is the 5GHz version of 802.11g. (I kid you not, g and a are the same except for frequencies)

Now that you know the story behind Wi-Fi, Let’s get down to some issues that you may encounter when using Wifi in your everyday life.

INTERFERENCE: Like everything else wireless, Wifi relies on radio signals to do it’s job. It’s similar to you talking to your friend, and them talking back to you. Your device “talks” to the router, and the router “talks” to your device using electromagnetic signals. For the best and most reliable connectivity possible, there should be no interference. Thanks to error correction, Wifi can tolerate SOME interference (This is common with multiple routers close to each other), but it can only tolerate SO much before things start going off the rails. (Again, you’re talking to your friend, and your friend is talking to you, but now you’re both in a room jam packed with people also talking to each other all at once!)

Interference can come from anywhere, especially on the original 2.4GHz channels, where nearly everything operates, such as:

  • Bluetooth devices (speakers, etc)
  • Baby Monitors
  • Microwave Ovens (Don’t put the router in the breakroom!)
  • Wireless cameras
  • Some remote controlled devices
  • Radio controlled toys (older ones operate well outside this band, newer ones use 2.4)
  • Other nearby wireless routers/devices (including printers with WiFi-Direct enabled)

The best course of action here, oddly enough, is to NOT use the 2.4GHz band, but rather the 5GHz band. On the majority of consumer routers, this is usually denoted by having either “-5” or “-5G” in the network name. (Most commercial/enterprise grade wireless systems use a process called “Steering”, in which the same network name is applied to both sets of signals, then the system determines what standards the device supports, then guides it to use the best signal.) Since the 2.4GHz band is becoming more and more crowded every day, it is recommended to use the 5GHz band if you are able to. Most consumer wireless devices made in the last 7-10 years have dual band capability, however most smart devices (Cameras, smart plugs, etc), only support 2.4GHz.

Second best course of action, is to isolate the router from these noise sources. (Though this is not often possible)

WEAK SIGNAL: Just like TV or radio (or your cell phone), WiFi uses radio waves to do it’s job, but unlike TV or radio (but much like your phone), It works with two way communication, eg; Your device transmits a wireless signal to the router, and the router transmits to your device.

Radio signals have two very mortal enemies: Distance, and obstructions. Let’s use radio as an example. You’re listening to your favorite radio station while driving somewhere. All of a sudden, you start to hear what sounds like a hissing noise interrupting your jam! The further you go, the worse the hissing noise gets, until it’s become a hot mess of just noise and intermittent content. This is the signal getting weaker the further you get away from the transmitter.

Obstructions: You’re driving in a mountainous region, listening to the radio, as you get in between the mountains, you notice that the station’s content is turning into a horrible mess of noise, which returns to normal once you either go higher up a mountain, or get out of the mountains. This is caused by an obstruction (mountain) getting between your radio and the transmitter. (Also why in these regions, the towers are usually on top of said mountains!)

WiFi acts the same, however because of the considerably higher frequencies (2.4GHz and 5GHz versus 530kHz-1700kHz for AM radio, 88-108MHz for FM radio, also, while WiFi only operates at a few milliwatts of power, commercial radio stations operate as high as 100kW on FM, 50kW on AM (Yes, 100,000 and 50,000 watts!)), distance and obstructions can hamper wireless connectivity severely. WiFi does have the ability to penetrate walls, but too many walls between you and your router can create problems!

There’s many ways to help improve your building’s wireless coverage:

  • Position your router in an open space, away from walls and windows. Do not put your router behind or inside furniture.
  • Position your router in the center most part of your facility, Use a device (such as your phone) to test the signal strength in every corner of your location. If using a phone, you can use an app like WiFi Analyzer (FREE on Google Play).
  • If you cannot position your router where you would like it (due to wiring constraints), Consider using a wifi extender. Extenders connect to your router wirelessly, then provide their own signal, which just bridges onto your actual connection. Extenders also provide an Ethernet port for you to connect a device that only accepts wired connectivity.
  • If you are using fixed desktop computers, consider using wired connectivity (Ethernet). Most modern office buildings are already pre-wired for it. You locate your router in a closet or room that has all of the “drops” coming into it, then connect all of your wired devices (copier, PCs, etc) to the ports located on the wall in each office. (You can also connect a router here to use as an extender if needed)

Another thing to consider: Wireless Security

This is even bigger than getting good wireless coverage! Just like people inside your building can receive the wireless signal your router broadcasts, so can those OUTSIDE of it! (This is especially true in multi-tenant buildings), so practicing good security standards is key to protecting your most valuable asset: Your data!

Let’s talk about a very important thing: Passwords.

Your wireless network password is like the key to your office: You only want those you authorize to use your wifi to be on it, and noone else. Therefore, it is important to pick a unique, strong password. Passwords must be at least 8 characters in length, but can (and should!) be longer. All wireless routers made in the last 5-7 years now come secured out of the box. You will find the name and password on the label under the router. This is usually secure enough, but can be customized, either through a mobile app, or through the device’s web interface.

Let’s start with what you should NOT use for a wireless password:

  • Your wireless network name: This is a no-brainer. Having the password the same as your network name is just silly, and can be easily guessed.
  • Your business phone number: While it is OK to use a phone number as a wireless password (this is very common), Don’t use the one that the whole world knows! Use your Cell number or something else.
  • Your address: Again, this is public knowledge as well, and if you’re the only business at that address, it can be easy to guess.
  • Common words: Don’t get lazy and use common words like “Password”, etc. In fact, Google “Commonly used passwords”, and do your best to NOT use anything on that list! (Don’t use 12345678 either!)
  • Nothing at all: I know it’s tempting to just simply NOT have a password (Like public hotspots), but there’s a list of reasons behind NOT doing that that’s longer than the distance between NYC and LA! I will explain these shortly.

Now, what you CAN (and SHOULD) use!

  • Word combinations: You can get creative here. A good example (Although don’t use this particular one as it is public knowledge): CorrectHorseBatteryStaple (Seriously, look up the XKCD on this one) – A combination like this can be easy as pie for you to remember, but insanely difficult for an automated process to guess, and even harder to crack. You can divide it using any punctuation marks, or even symbols. (This is usually the base of most default router passwords) (in fact, you can generate your own passwords at correcthorsebatterystaple.com!
  • A unique password that’s known to you, but not easily guessable by anyone else. For example: The name of your pet combined with your favorite color (eg, catorange or cat-orange). You can also slap some numbers in there (catorange1357, cat-orange1357, cat1357orange, etc), or some symbols (cat$orange, catorange$, $catorange, etc), Or combine em all into something wild. (cat1357orange$) – You’ll remember this because of the number, and the two phrases, but no one else can guess this, and it would take years to crack this password.

And now, the scary parts: What can happen if an unauthorized person does gain access to your wireless network. This is a list of things that can potentially happen, from least bad thing, to the absolute worst bad thing:

  • Your internet connectivity will slow down: At best, whoever manages to find their way into your wireless network will just sit there sucking down all your internet bandwidth, bringing your operation to a crawl, or even a screeching halt. This could just be someone watching a bunch of videos or something.
  • Use of your internet connection to distribute and obtain copyrighted materials: This is something else that can not only jam up your internet connection, but can cause your internet service provider (ISP) to start sending you DMCA copyright notices, despite the fact that you’re not downloading anything you shouldn’t be! In many cases, getting enough of these can cause your ISP to terminate your services, or worse, a lawsuit can be brought against you or your business.
  • High risk of a data breach – Allowing an unauthorized user/device onto your network can greatly increase the risk of your business’ data being stolen, and potentially sold on the dark web, or given to a competitor. Depending on the data, this could even lead to identity theft against you, your employees, and even your customers.
  • Use of your internet connection to participate in online attacks, data theft or threats: A bad actor can use your wireless network to take part in online attacks, either against another business, an individual, or worse, a government official or office. They can also use your internet to break into networks of other businesses, or even other governments! The bad part here, is these attacks get traced back to YOU, not the actual attacker. This would leave you in a very precarious situation While nowadays, VPNs are the go-to for things like this, many like to break into wireless networks for the purpose of anonymity during their crimes.
  • And the absolute WORST thing: Use of your internet connection to distribute and obtain illegal content: I’m not talking about the stuff that would get you a simple DMCA notice, like games, music and movies. Oh no, no no no! I am talking about the worst of the worst, which I will NOT mention in this post, but I think you know where this is going. Unlike the above risk, this would not just leave you in a precarious situation, it would get you full on raided. I’m talking police, FBI agents busting into your office, arresting EVERYONE, confiscating all equipment, etc! Sad to say there’s some bad people out there who are more than willing to break into a wireless network to do this, to cover their tracks!

Scary, isn’t it? This is why we secure our network, and we secure it tighter than fort knox!

Guest WiFi/Public Hotspot: I know, you want to be nice to your visitors, and provide a guest network so they can get online. Well, I think I speak for everyone when I say this: DON’T! Unless you can set up some serious controls and filtering on your guest network, it’s not worth the risk. The only risk you would be mitigating with a guest network is having your company’s data stolen. Every other risk exists in full form here. While a guest network or hotspot was a good idea back in the late 2000s to early 2010s, It’s kind of pointless now with the availability of unlimited mobile data plans, and mobile hotspot capability. Let your guest bring their own internet connections. trust me, it’s for the best. Don’t risk your business. To add to that, letting visitors use your internet connection can also severely degrade service performance. Yes there are still public networks (McDonald’s, Starbucks, etc), but they have systems in place to attempt to curtail abuse, such as limited connectivity time, and in many cases, traffic from these networks is routed to a central location operated by the hotspot provider, thus hiding the IP address of the actual business.

(Fun note here: If you have Xfinity/Comcast Business Internet, and are using their router, you will see two networks: An open one called “xfinitywifi”, and a secured one named “Xfinity Mobile”, These are hotspots provided by Comcast. These are provisioned independently of your actual internet, and do not interfere with your connectivity. Users can either log into these hotspots using their Xfinity Internet login details, through the Xfinity Hotspots app, or by purchasing a wifi pass from Comcast. These hotspots are generally safe to have in your business, as any activity performed herein is tied to that person rather than you. If you do not want these networks in your facility, you can turn them off through the Xfinity/Comcast Business apps, or by calling Comcast and asking them to deactivate the hotspot feature. This can also help YOU in a way, as you get free access to these hotspots if you have Xfinity/Comcast Business internet. They work well in a pinch, but I recommend using a VPN if you are using the unsecured network, just to encrypt your data. I’ll explain why soon, I promise!)

What grade of Wireless Security should I use?

This is probably not what most think of anymore, but I will offer it up just in case it does cross your mind.

When setting up your wireless network, You get to the point of setting the network password. You see an option letting you pick a security type. You look at this and ask yourself “What does this mean?” Well, Allow me to explain what you’re seeing!

There’s 5 different wireless security settings that (most) routers have: Open, WEP, WPA, WPA2, and WPA3. There’s also other methods besides this, but those start going into enterprise/industrial grade networking, so we’ll stick to the common ones!

Open: This is basically zero security, and zero encryption. Anything that can pick up your wireless signal can connect. The bad part of this (besides the scary stuff I outlined earlier), is that a bad actor doesn’t even NEED to connect to monitor your network activity! Since the data being sent across your network is 100% unencrypted, it can be captured with nothing more than a laptop, some easily obtained software, and a decent wireless adapter. Most public hotspots fall into this category, which is why I say if you HAVE to use one, use a VPN to encrypt your activities. A VPN will prevent an attacker from eavesdropping on your network traffic.

WEP: Short for Wired Equivalent Privacy, is the first encryption standard for WiFi. This is a very weak standard today, as you’re not only limited to hexadecimal code for passwords (0-9, A-F), but it is very easily cracked, again, using off the shelf hardware, and easily obtainable software. Due to this, Routers made in the last 5-7 years have removed WEP support. There is zero reason to ever use WEP in today’s wireless networks! In short, WEP is basically better than nothing, but also worse than nothing at the same time!

WPA: Short for Wifi Protected Access, was a more robust encryption system designed to replace WEP. WPA introduced stronger encryption, along with the ability to use actual words and phrases as network passwords. WPA used what is known as Temporal Key Integrity Protocol (TKIP), which generates a new 128-bit encryption key with each packet, versus the 64 to 128-bit static keys with WEP. Flaws were unfortunately discovered in the original WPA protocol due to having borrowed parts of the WEP specification. As such, WPA has also been depreciated, and is not included on current routers.

WPA2: The second version of WPA, which brought about AES (Advanced Encryption Standard), which, unlike TKIP, is a government-grade encryption standard. WPA2 does give you the option to use both AES and TKIP, although it is advised to use only AES, unless you have an older device that does not support WPA2-AES. (Some IoT items, such as cheaper cameras and smart switches may not).

WPA3: This is the newest version of WPA. It is similar to WPA2, but it ONLY supports the use of AES (No TKIP). WPA3 was introduced in 2018, but has not yet seen widespread adoption. You will find WPA3 on the newest routers, and on current generation devices.

My recommendation here: If you have all newer devices (From 2021 and on), you have a newer router (WiFi 6/6E or newer), and you have zero need for older wireless devices or wireless cameras, etc, Go with WPA3. Otherwise, use WPA2-AES. Only use TKIP if you absolutely have to (Most devices made in the last 10 years support AES without an issue). On the majority of new routers, WPA2-AES will be the default setting, so there’s likely zero need to really mess with it. Just set a strong password, set your network name, and carry on.

(See, I promised I’d explain this part!)