Take A “Mobile-First” Approach to WLAN Security

Business Wi-Fi isn’t a novelty any more — it’s a way of life.  And with that emerging story has come a whole new priority for IT professionals to consider. Specifically, they should, in the process of locking down Wi-Fi networks, make securing mobile devices a primary goal.

What led to this situation? Fundamentally, it comes down to four factors:

1. The convenience of Wi-Fi is just as appealing to the business space as the consumer space. Wi-Fi networks are here to stay in every industry, and at every organizational scale from the enterprise to the mom-and-pop hardware store.
2. Wi-Fi security has, in the past, focused primarily on basic access — just establishing a device as an authorized network node.  And when Wi-Fi was first released, more than fifteen years ago, the provided mechanism to do this, WEP, was rapidly found to be easily cracked. In fact, it could usually be cracked in under five minutes.
3. Subsequent access layer security protocols have been far superior, and this has created the illusion that Wi-Fi networks are now fully secure. WPA-2, for instance, is dramatically more difficult to crack than WEP, making it far harder for rogue devices to join a business network. But controlling device access per se doesn’t even begin to fully secure a WI-Fi network.
4. Mobile devices have radically changed the game for business Wi-Fi. Every smartphone and tablet that has Wi-Fi can be used on business networks; and every day, worldwide, tens of millions of such devices routinely are used in this way, using approved credentials that sail right past WPA-2 as a defense.

Locking down mobile should be the top Wi-Fi priority for businesses.

Yet these mobile devices are consumer offerings and were never designed to provide business-class security. And they include not just a broad range of new applications outside the purview of IT, but fundamentally different operating systems than IT has been chartered to secure in the past.

So instead of IT only having to secure Windows, Mac OS X and Linux endpoints — all of which it owns —  it must now also somehow shield itself against devices it doesn’t actually own, that are running either Apple iOS or Google Android and a range of unpredictable new apps.

This is a fundamentally different, and more important, class of challenge for IT to confront, and it obviously goes to the front of the line among all Wi-Fi security topics. Mobile must come first.

4 Must-Have Wi-Fi Security Capabilities

It’s also the reason why top-tier Wi-Fi security solution providers have quickly responded with new capabilities specifically designed to secure mobile devices on business networks.

Fortinet, for instance, offers mobile-savvy WLAN solutions in three different formats (for SMB, enterprise, and MSPs), all of which share these advanced features:

• A unified security management agent.  FortiClient supports four major operating systems: Windows, Mac OS X, Apple iOS, and Google Android.  Notice that mobile is half the story there; that’s no coincidence.
• Network intrusion prevention/protection. Threats that made it past initial access layer security can often be detected via their behavior and subsequently dealt with.
• Web filtering. If you can keep Wi-Fi users from accessing known-problem sites, networks, or entire countries, you’ve taken a major step toward improving security.
• Anti-virus/malware. Baking this into Wi-Fi security is incredibly important, yet far from universal among Wi-Fi solutions.

Xiologix can help you deploy and secure a mobile-savvy Wi-Fi network that provides first-rate protection and the flexibility to grow over time.  If you’d like to discuss this subject in more detail, with respect to your particular context, let us know.