The advent of the wireless networks not only allows more easier communication throughout an office, warehouse or plant, but enables wi-fi capable systems to ‘talk’ to each other. Having a storage tank automatically send an alert when liquid levels drop to a certain level is an example of how wi-fi can help manage tasks humans used to have to monitor themselves. Yet this ease of communication comes with increased risk to security.
While you want your employees & clients/customers to have access, you must defend against unwanted individuals from gaining access to your systems. So having a secure wireless network is more important than the wireless system itself given how the best wifi in the world is useless if not secured properly. While there are many ways to create a secure wireless network, both technical and procedural, the most successful method involves three basic sets of processes.
The paradox of security is your biggest risk is from those you trust the most. During their every day duties, employees and trusted clients use devices which are part of the local-access-network (LAN) and have many security features already put into place by the IT department.
However like losing a key, these same systems (be they a laptop or PDAs) can become a highway right into your system if not managed properly. All it takes is a stolen laptop with a sticky-note with the password to allow entry. Therefore security training is essential to educate employees of the dangers of not following established procedures.
The LAN must be protected in areas which have the most public access. Again this is a technical issue with many possible answers depending on the size of the area and amount of traffic. The key is to know where the public can gain access to your system. The concept of wardriving applies to commercial properties as well. A wi-fi hotspot used internally which broadcasts farther than it should can become a less-guarded entry point for hackers.
Again this is a technical issue with many solutions as information is protected through layers of encryption and authentication. Encryption, like a code, makes data unusable without the encryption key while authentication is another method of ensuring only authorized users/systems can access the network.
However a larger issue comes from the fact there is very real trade-off in safety versus speed that come with having a very secure wireless network. This is a very real issue as there will always be calls for the system to work faster. The management and IT department have to weigh the risks versus productivity. It is easy to become frustrated with a slow system but the cost of an intrusion where customer’s privileged information is stolen can be a catastrophic event for a company. Choosing the balance between speed and safety is an issue that takes very careful study of the risks and the needs of the company.
Monitor For Security/Compliance
Just putting up a firewall and other protocols to protect wi-fi hotspots doesn’t make a secure wireless network. Your LAN needs to be patrolled and monitored in a way the physical company area is.
This monitoring applies to the employees themselves. One proven way is to perform unannounced spot-checks of employees as they leave the building. This almost always catches someone bringing home something they shouldn’t with the intent to work on it at home. Employees with the best of intentions can be your biggest security risk if not monitored .
Monitoring also applies to keeping abreast with changes in technology and hacker habits. It is easy to fall into the trap of thinking a new security upgrade will last but a secure wireless network is secure only until the next new technology comes along. Thus risks are constantly changing forcing management to never rest when it comes to security upgrades, training, and monitoring of their employees, clients/customers, and systems.
image 1: http://1sprint.com/services/