Thursday, 9 August 2012

Network Security: is New Technology Making Business Less Secure?

All businesses need to make sure that network security is a priority, because a breach can leave companies bereft of precious data and severely damaged in terms of reputation.

This is particularly important for small and medium size enterprises (SMEs) because compromised security can spell real disaster from which recovery may not be possible. However, there are those who are concerned about the current state of security, claiming that technological advancements are making it trickier to repel threats from the borders of a business network.

One regularly cited issue is that businesses are now offering Wi-Fi hotspots that can be designed for internal use by employees but may also be used to offer connectivity to customers and clients in order to make a place of work more welcoming.

There is an expectation amongst many that businesses should provide easily accessible Wi-Fi so that outsiders can connect when they are in the vicinity, as it will make your business seem connected, contemporary and approachable.

However, there are fears that an incorrectly configured network into which Wi-Fi hotspots are placed could end up being far more susceptible to security breaches. This is because it is easier for third parties to circumvent traditional controls if they have direct access to a network via Wi-Fi.

Unscrupulous characters no longer need physical access to a business network in order to carry out a breach. They can do untold damage with just a laptop, smartphone or tablet and access to a company's Wi-Fi network.

Security expert Matthew Lord told Computer Weekly that an attack could be levelled against a business network by someone sitting just outside the office. He pointed out that even a Wi-Fi network protected with a username and password system might still be vulnerable to illicit users, because it would not necessarily take that long for someone to guess the right combination of names and passphrases, particularly if staff have chosen weak passwords (password, letmein, etc.).

There are ways for businesses to avoid the typical pitfalls associated with Wi-Fi hotspot-related data security issues recommended by those in the know.

The first is for companies to establish two distinct Wi-Fi hotspot services, the first of which is visible to and accessible by customers and other members of the public, but with the important condition that it may not be directly linked to the business' internal network.

In this way it is possible to allow visitors the chance to access the internet while they are on the premises without giving them undue access to business-critical systems and data.

It is pointed out that to avoid staff using their own devices to carry out work tasks over the public network, thus further risking the integrity of information security, businesses should choose to make this Wi-Fi hotspot available on a temporary basis after registration. This will refocus workers' attention on the secondary Wi-Fi connection, which is only aimed at internal use.

The aforementioned issues with Wi-Fi hotspots that are not open to the public but could still be externally compromised might be addressed through the use of VPNs, according to experts.

Using a VPN client to make the connection between wireless devices and an internal network will mean that data is encrypted during transit and even if someone is able to trick their way onto the hotspot, they will only be able to view packets of information flying back and forth without actually being able to assess their contents.

SMEs need not be overly sceptical about the use of Wi-Fi hotspots because there is clearly a multitude of ways in which they are beneficial. However, experts simply want to make sure that the risks are understood and that measures to improve security are put in place.

Daisy Group plc have over 12 years experience in providing telephony and connectivity solutions to small medium and corporate businesses across the UK.  Daisy's range of services include business phone lines and calls, telephone systems, business broadband, FTTC and mobile phones.

No comments:

Post a Comment