By 2020, it is expected that more than 38 billion devices will be connected to the Internet, many of them mobile devices that rely on wireless access. Just as network boundaries are being stretched in multiple directions by the Internet of Things (IoT) and mobility, threats are becoming more complex and hackers more sophisticated than ever.
On this constantly changing landscape, securing personal data, sensitive business information and mobile devices takes much more than just network access control. It requires shifting to a “mobile-first” mindset with the flexibility to support the growing number and variety of devices while securing both wired and wireless LANs.
WI-FI SECURITY LANDSCAPE
Wi-Fi has a difficult relationship with security. Public Wi-Fi may be the most unsecure way of connecting to a network; yet users don’t hesitate to use whatever hotspot they can find to get online — exposing the company network to risk when they reconnect. In fact, CNBC reported that more than 60 percent of users believe they are secure on public Wi-Fi, and most think security is someone else’s business.
These perceptions are misguided. Even secure wireless routers have vulnerabilities. And a fifth of organizations don’t bother to change the default passwords on wireless devices, which makes them easier to hack.
It’s also time to recognize that laptops and smartphones aren’t the only devices that connect to your network remotely. IoT devices like smartwatches, fitness trackers, cameras, robotics, medical devices and even home security systems are finding their way to your network. IT security often doesn’t have the capability to monitor all of these endpoints, making the job of hackers trying to penetrate your network so much easier.
WHAT’S A MOBILE FIRST MINDSET?
Securing and optimizing wireless connections takes a mobile-first mentality, one that recognizes where and how the bulk of the endpoints are coming from and what data they are accessing. Your security platform needs to balance advanced security with the flexibility to support the growing portability and performance requirements of an increasingly diverse array of mobile connections.
An effective way to achieve this balance is to adopt a unified access layer strategy that facilitates:
- Consistent communication and enforcement of application and device policies across different devices and users in both wired and wireless environments
- Multiple layers of defense including internal segmentation; so threats that evade border security tools are stopped or slowed to the point of detection at subsequent layers
- Continuous malware scanning, stronger control of application usage and simplified endpoint integrity checking
Our technology partner, Fortinet, has developed a secure WLAN access solution that provides all of these capabilities in a single portfolio, with options for on-premise and cloud-based deployment. The on-premise option offers multiple layers of protection integrated on a collaborative "security fabric" platform including firewalls, anti-malware software, VPN connections and web filtering; as well as capabilities to separate wireless security from the underlying security infrastructure. The cloud-managed option provides an equally robust, advanced security offering to organizations that prefer to outsource.
A Fortinet partner, VLCM can deliver the advantages of a mobile-first approach to WLAN access security either on-premise or in a SaaS (Security-as-a-Service) model. Contact us.