In our office, all computers connect to the network over wireless. The wireless is protected by a pass phrase and communication is AES encrypted.
On the same network is a file server that is used solely for sharing files between employees. Each user has a user-specific username and password to connect to the file server.
Whilst there it is not allowed to store confidential information on the server, such is human nature.
Is the file server adequately protected?
It is difficult for someone to tell you if a particular resource is adequately protected as it depends on the value of the files stored on the server as well as many other factors.
I am assuming that you are using WPA/WPA2-PSK, which is what most small businesses usually use. Every employee connects to the wireless network using the same password. The risk is that any employee can run a packet capture software such as wireshark and capture the authentication process of a fellow employee.
In such a circumstance, either the hash or the plain text password of the victim will be revealed. It depends on which authentication protocol the file server uses.
