Eric Geier, a long-time tech writer and reporter, has launched NoWiresSecurity: Geier, who has been in this business of writing about Wi-Fi and wireless for longer than me, offers AuthenticateMyWiFi, a way to use 802.1X authentication for secure WPA/WPA2 Enterprise logins on a Wi-Fi network without hosting and managing the server yourself. The service is billed on a monthly rate based on the number of user accounts.
WPA/WPA2 Enterprise allow a Wi-Fi user to connect using credentials, typically a user name and password, which are passed securely over a network without first providing access to the network's resources. When a back-end authentication server confirms the user's identity, unique key material is creating that protects a user's Wi-Fi link separately from all other users on the network.
The ability to issue and revoke accounts, set policies (like: "can only log in between 8 am and 5 pm on weekdays"), and avoid giving out a shared key for all users are all why WPA/WPA2 Enterprise (or the underlying 802.1X standard in various modes) is the gold standard for secured network access. Interestingly, nearly all consumer-grade access points have the necessary support to enable this enterprise mode.
If you're running a small network, you can get access to WPA/WPA2 Enterprise by using Windows Server (various versions, prices varies) or Mac OS X Server 10.5 or later ($499 for unlimited users; Intel system required; bundled with some Macs). You could also install Periodik Labs's Elektron server ($950 with a year of maintenance).
All those solutions require a little to a lot of IT experience. Many small-to-medium-sized businesses have few IT needs beyond file sharing, but want to have a secure network. Geier's AuthenticateMyWiFi could fit this need. I've written about similar services in the past, such as the similarly named SecureMyWiFi from WiTopia, which the company has stopped offering. (WiTopia decided to focus on hosted VPN services, another category of outsourcing I recommend for small and medium businesses.)
AuthenticateMyWiFi provides the range of 802.1X options, such as access policies I described earlier (time of day, accounts that have expiration dates), security controls like IP-restricted logins, and access to usage logs. The service has you set up accounts via a Web site, and then configure one or more access points--as many as you like with the same user fees--to authenticate via its servers.
The rates start at $13/mo or $130/yr for up to 10 users, and scale up to $36/mo or $360/yr for 61 to 100 users.
The only trouble with hosted authentication is that authentication for users joining the network will fail if your Internet connection is down, the link between you and the hosted service is interrupted, or, of course, the hosted service isn't responsive. (Existing logged in sessions remain active.)