How to Balance Wireless Network Security With the Thirst for Increased Connectivity
With workers relying more than ever on mobile devices to provide quick access to information, BYOD and BYON have become as ubiquitous and as necessary as office furniture. Yet, even though the “Bring Your Own” approach has revolutionized business, many companies still have a pre-revolutionary view to network cybersecurity.
Companies still place great emphasis on protecting the network in the office by relying on many security layers: the firewall, Internet Protocol restrictions and network access control, even though they don’t hermetically protect their wireless networks. But outside the company’s wireless network, all bets are off. Convenience trumps security as employees freely hop onto wireless networks that security teams can’t monitor.
Without IT oversight, employees are unwittingly – and sometimes willingly – exposing their devices to malicious hacking and thus exposing their employers’ network and digital assets. That’s not revolutionary at all. It’s an imbalanced approach that too heavily favors convenience over security.
Dubious Wireless Networks Invite Cybersecurity Risks
Rogue, compromised and misconfigured (such as those on wireless printers and screens) wireless networks are everywhere. People think they’re connecting to a safe and known public Wi-Fi network or a trusted cellular network when they’re in fact holding out their devices to hackers who are using inexpensive tools to intercept wireless communications.
In busy Manhattan, hackers in Sept. 2016 took over an AT&T low-power cellular base station and intercepted calls, data and messages, according to the consulting firm Frost and Sullivan. At nearby Penn Station, travelers who thought they were a using Google Wi-Fi connection were snared in a fake access point that mirrored the legitimate free public service.
That same month in Singapore, a Karma machine was used to hack into devices being used at a taxi stop, and a wireless printer was used as an “arrowhead” to penetrate enterprise devices.
The device owner’s credentials are laid bare when hacked, starting a crumb trail toward account passwords and other identifying information that can lead to his employer. The device is open to all sorts of manipulation, and hackers can also use social engineering tricks to prompt the victim to release sensitive information.
Hackers can also hit unsuspecting users with malware, eavesdrop on conversations and messages, or commit DNS spoofing to lure a user to another computer. No matter how resolute their internal security is, companies have no visibility into all those malicious networks and can’t protect corporate assets that are at great risk from what seems like ordinary Wi-Fi and cellular use.
The hidden threats lie in the numerous wireless networks used by your employees and it is crucial to remember that VPN won’t protect your network from them.
A New Partnership that Balances Security and Connectivity
There’s a new paradigm shift in wireless network security that no longer keeps companies in the dark and also allows workers to continue to take advantage of BYOD and BYON. Security and convenience can coexist.
Wireless security advances now let you partner with your users, creating a two-way street on which mobile users can be productive and security teams can have improved visibility. Throwing up barricades to wireless connectivity only encourages employees – especially those who need access outside of the office at any time of day – to find other ways around preventative measures, increasing the likelihood of exposure to malicious threats.
This new paradigm – or new partnership rests on three pillars of mobile enablement:
- Real-time monitoring and intelligence of threats on the wireless networks that surround the devices that are inside and outside your workplace.
- Pinpoint detection and risk evaluation distinguishes the good from the bad, the legitimate from the illegitimate, and lets you know which networks are safe to use.
- Policy enforcement that’s easy to manage and control so that you can tighten it in the face of threats but still allow employees and executives to use their devices without impractical restrictions.
With visibility of every device and network, you no longer have to deny access. You can enable access without fear.