WiFi Security, Enterprise-Level Encryption
If you created a WPA or WPA2 encryption key of any type and must enter it when connecting to the wireless network, you are only using the Personal or Pre-shared key (PSK) mode of Wi-Fi Protected Access (WPA).
All Business networks should be protected with the Enterprise mode, which adds 802.1X/EAP authentication to the wireless connection process.
Instead of entering the encryption key on all the computers, users would login with a username and password.
The encryption keys are in the background and are unique for every user and each session.
This method provides central management better Wi-Fi security.
Instead of loading the encryption keys onto computers every user logs into the network with their own account when using the Enterprise mode.
You can easily change or remove and is especially useful when employees leave the company or a laptop etc is stolen.
If you are using Personal mode, you would need to manually change the encryption keys on all the computers and access points(APs).
The special ingredient of the Enterprise mode is a RADIUS/AAA server.
This communicates with APs on the network and consults the user database.
Also consider using the the Internet Authentication Service (IAS) of Windows Server 2003 or the Network Policy Server (NPS) of Windows Sever 2008.