You don’t want anonymity of your brand or your business. If you did, how could customers find you? But your business systems, those critical devices on your network that keep you operational (laptops, workstations, servers, point of sale and inventory systems) are another story. Those are what you want to keep out of sight and unrecognizable by outsiders. Why? Because identifying your systems is the first step attackers take before exploiting them.  

Two ways attackers look for targets are scanning the entire Internet for vulnerable systems by their IP address from anywhere in the world or breaking into your business Wi-Fi network if they’re nearby. If they can see you, they can attack you. If they can’t see you, they don’t even know you’re there to attack in the first place!  

You want to keep your business systems out of reach of all unauthorized users. But how do you do that?  One step you can take is to keep your public facing IP address hidden. When attackers can see your true unmasked IP address they have found their target. Scroll to the bottom for a link to check your system’s public facing IP address. To hide your IP address, you can start by routing your Internet traffic over a proxy or series of proxies like a Virtual Private Network (VPN). What are proxy servers and VPNs? A proxy server is a computer that masks your public IP address replacing it with its own before sending your data to its destination. Link a series of proxies together, add some security controls, and you get a private network that passes your traffic from one to another before landing at your destination. Your IP address is never known to the destination, only the last proxy’s IP is traceable. This measure anonymizes your online activity.  

To protect your systems from nearby Wi-Fi attacks, you’ll need to securely configure your Wi-Fi network. If you choose to provide Wi-Fi service for your customers or staff, use the “Guest Network” feature available on most business class Wi-Fi routers and Access Points. Make sure the password is not the same as your internal business network. Some businesses choose a guest Wi-Fi password to promote a sale or other special (e.g. “Your Store’s Name Guest Network” password: “Buy 1 get 1 50% off!”). Your internal network though, the one your business systems run on, should be hidden if possible. Some routers have an “enable broadcast” feature which you can disable. That way, anyone looking for nearby Wi-Fi available will never see your internal business network. Before disabling broadcast, however, make sure all your business systems are connected. 

Make sure your internal business network is protected using strong encryption. We recommend WPA3 Enterprise protocol. Choose a complex passphrase (not password) consisting of more than 16 characters. Include spaces, if your device allows it, and uncommon special characters like tilde ~ (shift+apostrophe), braces { } (shift+bracket), or bar | (shift+backslash). Password cracking techniques and samples used in cracking often include the more common shift+number symbols and are, therefore, not as strong as the recommended symbols. Also, change that passphrase semi-annually.  

You could use a randomly generated passphrase with more than 16 characters but those can be difficult to use when you’re adding or reconnecting certain systems. In some cases, Wi-Fi routers allow the use of QR codes to connect a device. If you use a QR code, make sure others are not able to capture it and use it themselves. 

These two methods increase your anonymity, but determined and highly-skilled attackers can often find their way into even highly secure networks. Still, these steps will ensure you’re not an easy target, so attackers will just move on to the next one.  

Check your public facing IP on our We Know Cyber Testing page here https://weknowcyber.com/testing. If you’re not using a VPN, this is the IP address attackers can see. They can use that to find your location, scan for vulnerabilities, and find other information that can be useful in planning their attacks.  We Know Cyber configures network routers, Wi-Fi Access Points (WAPs), business systems, and VPNs. Call us for a free consultation at 888-904-7011 or email [email protected] to see how we can secure your business.