I'm currently doing some serious research into wireless security issues, so I'll share some secrets to wifi security:
1. 40-bit WEP keys are just as insecure as 104-bit WEP keys, know why? Because nobody actually cracks the WEP, they crack the 24-bit IV that's broadcasted with it. So, instead of wasting precious bandwidth and CPU cycles, turn WEP down to 64-bit.
2. Use some form of EAP, prefferable LEAP. LEAP utilizes a rotating key configuration and a RADIUS authentication server. Basically, the idea is that each user contacts the AP and gives a username/password. Then it authenticates you against the RADIUS server and generates a WEP key if you're legit. Then, (this all happens behind the scenes) every few minutes your computer retransmits the username/pass and a new WEP key is generated. So, a hacker probably won't be able to crack the key before a new one gets generated--pretty sweet. MS also has an EAP version out that authenticates to AD with a dual certificate system. It's much more secure than LEAP, but impossible to implement.
3. Don't disable SSID broadcasting. It's just annoying. And it doesn't do anybody any good.
4. Don't do MAC filtering. Again, it doesn't do anybody any good, it's just annoying.
