Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Thursday, 28 September, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Don’t allow your Wi-Fi to become a security risk

by The Gurus
November 16, 2015
in This Week's Gurus
Share on FacebookShare on Twitter

Don’t allow your Wi-Fi to become a security risk

By Mike van Bunnens, Managing Director, Comms365
Guest Wi-Fi is a standard offering for growing numbers of organisations from hotels, cafes and sports centres offering free Wi-Fi to customers, to businesses providing Wi-Fi for partners, suppliers and customers visiting the office. But how many organisations have any idea about the way in which that Wi-Fi network is being used? Not only does the company have a clear liability if a customer is viewing inappropriate – or illegal – images or content, but an inadequately secured Wi-Fi network can be an open door to the rest of the business infrastructure. In an era of heightened security awareness, too many organisations appear to be overlooking Wi-Fi. As Mike van Bunnens, Managing Director, Comms365 explains, an effective Wi-Fi strategy demands more than easy guest access – a fully managed service is key to delivering the content management and security policies required to improve customer service whilst safeguarding the business.
Open Door
The vulnerability of information has been reinforced in recent weeks. From the recent hacks at TalkTalk and British Gas to the technical issue experienced by Marks & Spencer and their website, all of which compromised customer information, individuals have become far more aware of the risk to personal data – and companies have become ever more alert to the risk to reputation associated with an information breach or network misuse.
And yet while most organisations have raised their game when it comes to hardening the IT infrastructure, how many are paying any attention to the Wi-Fi connection? In an era where guest Wi-Fi access has become an essential aspect of most business models, far too few companies are putting any good controls in place to safeguard the way in which this network is used. The draft Investigatory Powers Bill currently being discussed in parliament adds further weight to the discussion as it suggests that the Internet ‘activity’ of every person should be stored by ISPs for a minimum of 12 months.  That activity will be generated through many of these free Wi-Fi connections.
The reality is that should a guest misuse the Wi-Fi network – to view inappropriate content for example – the business could potentially be held liable. Furthermore, without the right controls in place, the Wi-Fi connection can become a simple back door into the overall corporate network, undermining all the other aspects of network security being introduced. Poorly managed, uncontrolled Wi-Fi is essentially an open connection that can lead to serious business problems.
Understanding Risk
It is important to step back and consider the way in which Wi-Fi is used – by both staff and guests – and assess the risks. Under the current legislation an organisation needs to be able to demonstrate a robust intent to prevent people – both employees and guests – from breaking the law. For most organisations, there is also a requirement to comply with CSR policies regarding the type of content accessed; policies that can include, for example, limiting personal social media usage.
Furthermore, in the era of the Internet of Things, with connected devices that now require 100% uptime, as well as a growing reliance on cloud based data and applications, the implications of any network glitch are potentially devastating. No organisation, therefore, can afford to leave the open door of unsecured Wi-Fi that could enable the introduction of malicious code.
However, far too many SMEs are using nothing more than a single router with a Wi-Fi access point and feel secure because the access is password limited. Yet when that password is handed out to any guest on demand – how can that be secure? In many cases access is not even time limited – gain access once and an individual can automatically log into that network, and hence every aspect of the Internet, again at any time. Attitudes to Wi-Fi are adding significant corporate risk.
Controlled and Secure
There are two essential aspects of Wi-Fi control and risk mitigation – content management and improved security. The introduction of even the most basic controls can radically reduce the risk without compromising the user experience. For example, guests can be provided with Wi-Fi access for a set time period – such as 30 minutes or one day – ensuring there is no chance of an ‘access once, stay online indefinitely’ Wi-Fi service. Staff access can also be tracked via an audit trail – providing management with inherent control over the way in which the Internet connections are being used and insight into how much time is being spent on non-work activity.
Guest and staff access can be securely segregated to protect the core infrastructure. It is also possible to control the amount of bandwidth available to different user groups – for example, ensuring staff always have more bandwidth than guests to avoid any productivity dips, or simply checking that priority traffic is never compromised by those heavy users that exist in most organisations. Indeed, specific bandwidth can be locked to individual users if required.
On the content management side, the emphasis is clearly on prevention rather than simply highlighting activity in real time. Realistically, no one wants to knock on a hotel door or quiz a supplier to find out what they’re using the Wi-Fi for. It is far more effective to simply lock down and prevent access to any illegal and/or unacceptable content. With strong content management and filtering tools, companies can pick and choose what should be censored – effectively both locking down the network and demonstrating that robust procedures are in place.
Management Overhead
The problem facing many SMEs is that despite the ubiquity of Wi-Fi provision, most companies find the whole process of managing the wireless network rather arduous. Far too much time is already spent dealing with user access problems and chasing providers about the quality of service – few companies will have the resources to introduce better security or content management.
As a result, there is a growing trend towards Wi-Fi Managed Services that can not only lock down the network but also deliver the continuous maintenance and upgrades required to improve overall uptime and minimise user issues. The service should also include a choice of security policies and procedures, such as timed access, as well as the ability to make content filtering decisions that reflect industry/company specific policies.
Security is a high priority but, as ever, there are battles between operational requirements and the need to lock down the business. Companies feel obliged to provide Wi-Fi for customers, partners and suppliers; it is a standard component of many business models. But that does not justify providing open access to all and sundry. The ability to offer different access points with different controls, time constrained and with strict content management, enables organisations to meet corporate requirements while also safeguarding corporate integrity. The key is that the managed services model allows organisations to take a far more controlled and sophisticated approach to Wi-Fi provision without compromise.

FacebookTweetLinkedIn
ShareTweet
Previous Post

Spam in Q3 2015: Spammers Exploit Tourists and the Lonely with Fake Airline Tickets and Russian Brides

Next Post

Isil plotting deadly cyber-attacks against Britain, George Osborne warns

Recent News

software security

Research reveals 80% of applications developed in EMEA contain security flaws

September 27, 2023
Cyber insurance

Half of organisations with cyber insurance implemented additional security measures to qualify for the policy or reduce its cost

September 27, 2023
Fraud and online banking

Akamai Research Finds the Number of Cyberattacks on European Financial Services More Than Doubled in 2023

September 27, 2023
ICS Reconnaissance Attacks – Introduction to Exploiting Modbus

ICS Reconnaissance Attacks – Introduction to Exploiting Modbus

September 27, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information