Wireless Network Question

in Off-Topic
Quick question, as I am not too strong in wireless. I have a wireless network I set up myself at work; it has 1 SMC wireless router and 2 SMC access points. I currently have it set up so that it will only let anyone connect to the network if I have the MAC address of the wireless NIC set up in DHCP. Only a few people ever use it, and I figured this was the most secure way to set it up to keep anyone from just hopping onto it. This is pretty much the most secure way of setting it up, right, or did I miss anything?
Comments
1) The weakest security area is in the area of in-house users. There is far more danger from this than from being hacked through a security system -- keep the number of users as low as possible!
2) Piggybackers are everywhere. You'll always have people wanting to ride your wireless system and eat up your precious bandwidth. We have people come in and ask if they can jump on! Well, guess that's better than wholesale piracy.
Now, with these 2 things in mind, you're probably as safe as you're going to get.
This may be too superficial, but hope it helps.
When it is appropriate, you could place external boundary protection around the perimeter of the office/building.
I hope this helps!
But there's an important issue I came across, which should be added to the list above.
This is not secure, because a MAC address can be easily spoofed. Sure, they have to 'guess' a valid MAC address, but if they find out who the manufacturer of your NICs is, they 'only' have to guess 6 hex characters.
If you don't use Shared Key authentication but Open System authentication, the clients broadcast their MAC address by default to identify themselves.
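The reply above notes that an allow-listed MAC can be copied, so a DHCP allow list alone cannot tell the enrolled device from another one presenting the same address. As an added example (not part of the thread), this check flags DHCP requests where an allow-listed MAC arrives with a hostname (option 12) or parameter request list (option 55) different from what was recorded at enrollment; the baseline, the events and the function names are constructed assumptions.

```python
# Constructed enrollment baseline: MAC -> (hostname, DHCP option 55 list).
# All addresses, names and option lists here are made-up sample values.
BASELINE = {
    "00:11:22:aa:bb:01": ("acct-laptop", "1,3,6,15,31,33,43,44,46,47,119,121,249,252"),
    "00:11:22:aa:bb:02": ("frontdesk", "1,121,3,6,15,119,252,95,44,46"),
}

# Constructed DHCP request events: (time, MAC, option 12 hostname, option 55 list).
EVENTS = [
    ("09:01:12", "00:11:22:AA:BB:01", "acct-laptop", "1,3,6,15,31,33,43,44,46,47,119,121,249,252"),
    ("09:05:40", "00:11:22:aa:bb:02", "frontdesk", "1,121,3,6,15,119,252,95,44,46"),
    # Same allow-listed MAC as the first event, but a different client behind it.
    ("13:22:07", "00:11:22:aa:bb:01", "visitor-pc", "1,28,2,3,15,6,12"),
    # MAC that was never enrolled.
    ("14:10:55", "00-11-22-cc-dd-09", "tablet", "1,3,6,15"),
]


def normalize_mac(mac):
    """Lower-case the MAC and use ':' separators so lookups are consistent."""
    return mac.strip().lower().replace("-", ":")


def review_requests(events, baseline):
    """Return (time, mac, reason) for every request that deviates from enrollment."""
    findings = []
    for when, mac, hostname, param_list in events:
        mac = normalize_mac(mac)
        enrolled = baseline.get(mac)
        if enrolled is None:
            findings.append((when, mac, "not on allow list"))
            continue
        reasons = []
        if hostname.lower() != enrolled[0].lower():
            reasons.append("hostname changed")
        if param_list != enrolled[1]:
            reasons.append("option 55 list changed")
        if reasons:
            findings.append((when, mac, "; ".join(reasons)))
    return findings


if __name__ == "__main__":
    for finding in review_requests(EVENTS, BASELINE):
        print(*finding, sep="  ")
```

A mismatch is a prompt to investigate rather than proof, since an OS reinstall also changes these fields and they are supplied by the client just like the MAC address.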