Organizations of all types operate in an increasingly complex business environment, with a broader attack surface for cybercriminals to target. As more and more wireless devices enter the workplace, companies are striving to maintain the security of their wireless networks. Fortinet’s Doug Ramos discusses the issues and trends affecting enterprise wireless environments today.
Q&A with Doug Ramos
What keeps corporate IT leaders up at night regarding the security of their wireless networks?
The Gartner Group predicts that 33 billion endpoints will be connected by 2020. And the majority of these devices will be wireless. When it comes to devices in the workplace, we often think of smart phones, laptops, and tablets. But today’s wireless endpoints comprise more than those traditional devices. Organizations may also deploy wireless IP cameras, location-based beacons, and other small devices which often are not capable of supporting a traditional security solution. So this means companies have more and more vulnerabilities to protect for the foreseeable future. It’s not just the wireless network; it’s everything that connects through the network.
What are the underlying issues leading to security gaps?
The growing number of small devices that aren’t able to support security is one challenge. But even traditional wireless devices – smart phones, laptops, tablets – can create security gaps due to the number of mobile applications they run, both for personal and professional use. Contact management apps, games, shopping websites, and even legitimate online news outlets may be infected with malware without the user’s knowledge. This can, in turn, affect the enterprise network as a whole. Users sharing their log-in credentials with guests, or not changing their passwords regularly can also lead to security gaps.
So what do companies need to consider when evaluating their wireless security?
Securing business communications, personal information, financial transactions, and mobile devices involves much more than network access control. It also requires actively scanning for malware, preventing access to malicious websites, end-point integrity checking, and controlling application usage.
Protecting access points (APs) is critical to wireless security, and to securely extending physical coverage for users. Today’s APs not only need to support high-density environments, but also support security features like Application Visibility & Control (AVC), Wireless IPS (wIPS), and rogue monitoring. And all without the loss of performance.
This is why a security fabric is so important. Companies need deeply integrated security systems that share information across all areas, including wired, wireless, VPN, and cloud environments. And when that integration is coupled with machine learning capabilities, the system can flag abnormalities more accurately and more rapidly, and coordinate responses between different security deployments. All of this contributes to better response time for organizations in mitigating threats.
What’s something these organizations may not yet know?
Most companies think they have their security taken care of, but aren’t accounting for how their network is actually accessed. The fact is, 90 percent of people – employees and guests – are connecting to their network wirelessly, and yet wireless APs are often less secure than the wired perimeter, or require a completely separate security solution set, which isolates them from a unified security strategy. In addition, organizations need to consider that a single user may be logged on through multiple devices: a phone, a tablet, and a laptop. How do you know if one of those devices doesn’t actually belong to that user? It’s critical that a security solution map users to devices and control access accordingly and accurately.
How can you know what you don’t know?
The majority of companies believe they have an understanding of the users and devices on their network, whether attached over the wired or wireless network. But they don’t really have any tools that can tell them. Having visibility into your network is the first step of securing it. You might not have a BYOD policy, but instead simply trust that your employees are only using corporate devices and applications on the network. This sort of willful ignorance leads to the Shadow IT problem.
What is Shadow IT?
I’m glad you asked. Shadow IT is a term used to describe the use of unapproved devices and services on the network. For example, an IT department might have to support tablets not because they are corporate-approved assets, but only because everyone from the CEO down has a tablet on the network. But there could also be myriad devices on the network that IT doesn’t even know about. Most recently, Shadow IT has begun to include consumer or enterprise applications in the cloud, such as file sharing apps, social media, and collaboration tools, and it can also include lines of business that have deployed enterprise-class SaaS applications or sometimes even cloud-based infrastructure. There is often no corporate policy or decision to allow this, and most of the time it’s unknown by anyone on the IT team.
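The interview makes three points that a visibility tool has to operationalize: map each user to the devices they actually use, notice when one device is used under several logins (shared credentials), and surface devices and users the IT inventory does not know about (Shadow IT). The following script is an added illustration, not Fortinet's code or anything from the interview; it audits a constructed, simplified wireless association log against a constructed device inventory, and the log format, user names and MAC addresses are all made up for the example.

```python
import re
from collections import defaultdict

# Constructed inventory: the wireless MAC addresses each user has registered with IT.
REGISTERED = {
    "alice": {"aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02"},
    "bob": {"aa:bb:cc:00:00:10"},
}

# Constructed association log in a simplified controller/RADIUS style (not a real vendor format).
LOG_LINES = """\
2024-05-01T09:12:03 user=alice mac=aa:bb:cc:00:00:01 ap=AP-Floor2 ssid=Corp
2024-05-01T09:13:10 user=alice mac=aa:bb:cc:00:00:02 ap=AP-Floor2 ssid=Corp
2024-05-01T09:20:44 user=alice mac=de:ad:be:ef:00:99 ap=AP-Lobby ssid=Corp
2024-05-01T09:31:02 user=bob mac=aa:bb:cc:00:00:10 ap=AP-Floor3 ssid=Corp
2024-05-01T10:02:51 user=carol mac=aa:bb:cc:00:00:10 ap=AP-Lobby ssid=Corp
2024-05-01T10:15:00 user=dave mac=11:22:33:44:55:66 ap=AP-Floor1 ssid=Corp
"""

LINE_RE = re.compile(r"user=(?P<user>\S+) mac=(?P<mac>[0-9A-Fa-f:]{17}) ap=(?P<ap>\S+)")


def parse_associations(text):
    """Return (user, mac, ap) tuples from the log; lines that do not match are skipped."""
    out = []
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if m:
            out.append((m["user"], m["mac"].lower(), m["ap"]))
    return out


def audit(associations, registered):
    """Map users to observed devices and report everything the inventory does not explain."""
    seen = defaultdict(set)           # user -> MACs that user authenticated from
    users_per_mac = defaultdict(set)  # mac  -> users that authenticated from that device
    for user, mac, _ap in associations:
        seen[user].add(mac)
        users_per_mac[mac].add(user)
    # Devices a user authenticated from that were never registered to that user.
    unregistered = {u: sorted(macs - registered.get(u, set())) for u, macs in seen.items()}
    unregistered = {u: macs for u, macs in unregistered.items() if macs}
    # One device used under several logins: a sign of shared credentials.
    shared = {mac: sorted(users) for mac, users in users_per_mac.items() if len(users) > 1}
    # Logins with no inventory record at all: guests or Shadow IT.
    unknown_users = sorted(u for u in seen if u not in registered)
    return {"unregistered_devices": unregistered, "shared_devices": shared, "unknown_users": unknown_users}


if __name__ == "__main__":
    for finding, detail in audit(parse_associations(LOG_LINES), REGISTERED).items():
        print(finding, detail)
```

In a real deployment the inventory would come from the NAC or MDM system and the associations from the controller's authentication log; the three findings are the ones the interview says most organizations cannot currently see.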