Is it true? Is internal, private enterprise wireless really obsolete? In an article for InformationWeek, Jonathon Feldman explores the implications of this weak security and what the focus should shift to.
So why is this once strong component becoming irrelevant? For starters, this enterprise is not “private” in the slightest; in fact, it is entirely insecure. Yes, when executed properly, it is much safer and more reliable than a consumer-grade wireless network. However, the problem is they are too often not executed properly. The issue lies in the inaccurate backward compatibility with WEP or WPA, or, more simply, it is just too complex. Certificates do help to prevent security breaches, but not all enterprise wireless utilize these certificates because of their complexity and cost.
What is the solution to all of this mayhem? An intrusion monitoring software would be greatly beneficial. It is improbable nowadays that a corporate device will never leave the safe haven of the company’s wireless network. Employees desire the ability to work remotely, and because of this there is a push to not be limited by a VPN. There is also the issue of programs such as Office 365 and Google Docs. These seemingly harmless programs allow for an employee to access even the most sensitive documents at any time, any place.
There are security measures being taken. For example, cloud now implements a two-step authentication process to help protect user information. Even still, there is a push to place the accountability of breaches on the employees. Requesting detailed information about an employee’s use on a mobile device could very well be ignored.
Do not jump ship immediately. Rather, evaluate the business’s current situation and needs. In most instances, directing attention toward end-user device security, application security, and user education is what solidifies security. Additionally keep in mind that a digital company has digital employees; they will be likely working outside the office, so adapt and protect.
You can read the original article here: http://www.informationweek.com/strategic-cio/it-strategy/is-private-enterprise-wifi-obsolete/a/d-id/1323070