How to Protect Your Wireless Network against Attack
Wi-Fi is quickly becoming an essential business tool in many industries. Gartner expects the majority of users will reach for tablets and smartphones for all online activities by 2018. This ongoing shift from desktop to mobile is enabling improved employee productivity, better customer service and greater operational efficiency.
Wi-Fi access in the workplace isn’t just for employees. Customers, vendors and business partners expect to have the same level of on-demand connectivity that they enjoy at home or in their own workplace. A guest wireless network enables organizations to meet demands for free, reliable Wi-Fi access while isolating sensitive company data and business applications on the corporate network.
The expanded use and business value of Wi-Fi mean that organizations need to go the extra mile to ensure that security concerns are addressed. News headlines continue to show that even the largest enterprises aren’t immune to major security breaches, many of which have been the result of vulnerabilities in the Wi-Fi network. Traditional network security solutions such as firewalls and network segmentation don’t go far enough.
A wireless intrusion prevention system (WIPS) can help stop attacks and unauthorized access to the wireless network, and provide a cost-effective way to meet regulatory compliance requirements. A WIPS is a device that looks for the types of attacks that are commonly launched against wireless networks, preventing hackers from gaining access to credentials that can be used to dig deeper into your network.
A WIPS also monitors the Wi-Fi network for rogue and misconfigured access points (APs) that can be unknowingly installed by an employee or vendor, or deliberately installed by a criminal. Rogue APs can connect to an otherwise isolated segment of your network, providing criminals with unlimited access to sensitive data. In addition to data and identity theft, an attacker can carry out a digital denial of service (DDoS) attack that can shut down operations. A criminal can also pretend to be an authorized device in order to connect to an authorized AP, resulting in the same consequences.
The Payment Card Industry (PCI) Data Security Standard (DSS) is one of several regulations that requires scanning for rogue APs. PCI DSS specifies that scans be conducted on a quarterly basis at minimum, but such infrequent scanning can lead to weeks or months of undetected vulnerability. The misconfiguration of APs has also become a major compliance issue — Garter has found that the majority of wireless-related security incidents occur because of misconfigured APs. A WIPS is more cost-effective than manual scanning, making it an important tool in maintaining regulatory compliance.
A WIPS helps ensure that the guest network is truly segmented from the production network, and determines which devices are truly authorized to access the production network. And because the WIPS is constantly monitoring the network, it provides logging, event notifications and geographic information that can be used to identify potential attacks, investigate successful attacks, meet compliance requirements and improve the overall performance of the wireless network.
Because the wireless network is a key component of the IT infrastructure, you need the right tools to ensure robust security. Let ICG show you how a WIPS can help maintain regulatory compliance and protect your Wi-Fi network from attack in a way that traditional security solutions can’t.