SUBSCRIBE TO
CONTINUITY BRIEFING


Business continuity news

Never miss a news story: signup for our free weekly email newsletter.

REGIONAL PORTALS
Continuity Central currently offers three regional business continuity portals:
North America
United Kingdom
Asia Pacific / Australasia

Phoenix Managed BCM

Add to Google  

Use Google?
Click the button to add Continuity Central news to your Google home page
.

Follow us on Twitter  

Get immediate news
and information updates via our Twitter feed.

SUBMIT YOUR NEWS
To submit news stories to Continuity Central, e-mail the editor.

NEWSFEED
Want an RSS newsfeed for your website? Click here

OUR COOKIE POLICY
Before using this website ensure that you understand and accept our cookie policy. More details

Emerging wireless risks to consider

Ian Kilpatrick considers the risks to businesses from the proliferation of wireless access points and discusses the benefits of deploying secure access points, which are directly linked to gateway security.

Wireless, mobility and BYOD are all part of an unstoppable wave, based on widespread consumer and remote worker usage. With the new faster wireless standard, 802.11ac, due to be approved in November this year, and with 4G continuing to grow, demand for fast wireless in the workplace will increase inexorably.

While this creates multiple opportunities, it also creates a great many challenges. If, for example, your existing wireless network is insecure, building on that base of sand is always going to fail.

Historically, for many organizations, both large and small, wireless was a tactical solution to a user-driven demand for laptop (and subsequently smartphone and tablet) mobility in the office.

As demand and users have increased, organizations have typically added more access points. Today, access points are a significant element of user LANs. While they may not carry the highest amount of traffic, they typically will carry a disproportionate percentage of business confidential information.

The problem that this creates, particularly for smaller organizations, is that access points sitting inside the network, and connecting to it, are often perceived as being covered by many of the existing gateway security solutions. This can mean they are connected directly to the trusted network (internal LAN). Where this happens, it raises major security risks. There are also risks, even where wireless connectivity is managed through a separate virtual LAN (VLAN).

Wireless has crept up on many organizations. From a situation where it was provided as an additional service for certain specified staff and as a guest service to provide internet access for visitors (and staff), it has gradually increased in importance.

Today, with the upcoming multi Gbps 802.11ac wireless standard, we can now foresee a fundamental shift from wired to wireless networks.
The main problem with this is that the risk assessment and security deployed around wireless haven’t kept up with the pace of change. While many of the actual threats of wireless use haven’t changed, the increasing pace of deployment has significantly increased the risks to organizations.

Companies are often unaware of the risks because they have multi-layered perimeter security in place and don’t realise that wireless access has subverted that security. In addition, a misplaced ‘shoal mentality’ still blinds users to the risks. They realise there are lots of hackers out there, but simply think that there are so many targets, it’s unlikely they will be the one who is attacked.

Potential risks

Misconfiguration
Every time a new access point is added, there is the risk it may be misconfigured. If that happens, the rules that were put in place to protect the network won’t be consistently applied.

Man in the middle attack
This type of attack is where someone presents an SSID (network address) that pretends to be something it isn’t, e.g. your company wireless name. The attackers intercept the name and password of users who are logging in, and pass them through, so it isn’t obvious what they have done. By the way, this is the risk that everyone who logs in at Internet cafes, hotel lobbies, etc. takes.

Connection by unauthorised users
Unauthorised users may connect to the network. It may be disgruntled ex-employees, it may be through identity theft or through ‘man-in-the-middle attacks’. Most organizations are vulnerable because most organizations have something valuable on the network, such as credit card data, online banking information, confidential payroll details, or information helpful to a competitor.

Insertion of malicious code or theft of code via a wireless connection
Access directly onto the trusted network creates a vulnerability for data stealing programs, as well as for data destruction programs - particularly by disgruntled individuals and ex staff.

Data-stealing apps on mobile devices
While Apple isn’t immune, the problem of malicious apps is particularly pernicious on Android devices.

Rogue access points
Well-meaning employees (and sometimes less well-meaning) can put up additional wireless access points to provide wider coverage, without management permission or awareness, creating security risks.

Wireless security

With wireless and mobility becoming ever more ubiquitous, now is a good time to review the risks, security policies and protection that are in place.

Most companies have policies for wireless and mobility that are out-of-date. Since it is the statement of and management of policies that drives employee behaviour, out-of-date and unsupervised policies will almost certainly lead to incorrect employee behaviour, when it comes to mobile security.

Reviewing policies, perhaps doing that with some power users who understand what’s happening with technology and apps, not only gives a clear message to the business that you are serious about mobile security, but can often be a very interesting and enlightening experience. It is also important for users to be aware that wireless security is not only considered essential, but will also be managed and reported on.

The wireless risk profile changes as usage increases and more users are enabled. Many of the threats have changed and migrated down from enterprises to smaller businesses. However, many organizations have not reviewed their wireless and mobility risks in line with increasing wireless use. They are often rolling out increased access and access points without considering the security implications. For those with PCI or data security considerations, a security review is essential.

There are a whole range of things that organizations can do to secure their devices, and mobile networks - too many, in fact, for the scope of this feature. Everything starts with reviewing policies and appreciating some of the risks. At a practical level, however, there are some quick wins:

  • Use your laptop, tablet or phone to scan for network connections and make sure that that all network addresses under your company name are yours. As additional security consider changing the SSID (Network ID) to something other than your company name.
  • Make sure all connections are over a secure VPN.
  • Ensure that all connected devices have at least anti-virus security, including all tablets and smartphones. Suppliers such as Kaspersky and McAfee have solutions in this area.
  • Use two-factor authentication to protect against ID theft.
  • As an absolute minimum, require all users to have a PIN on their devices.

Much of the risk with wireless is around having unregulated (unsecured) devices inside the security perimeter, causing a breach of firewall/UTM (unified threat management) gateway protection.

One solution is to use a firewall/UTM which can integrate with wireless access points, creating multiple security benefits. Firewall/UTM and access point integration means that:

  • Firewall policies are also applied directly to and through all access point traffic, so you have one policy applied on the wired and wireless network.
  • One management console can be used for managing and reporting on access point traffic, as well as gateway traffic.
  • All wireless users can be required to use an encrypted VPN connection.

Conclusion

The continuing shift to wireless, and the increased need to secure against data leakage, is a trend that will accelerate. One of the quickest ways to improve security is by the direct integration of access points into perimeter firewall defences. However, this is an area where threats continue to change and therefore risks continually alter. Some of the above suggestions will give some quick wins, but a security review in conjunction with your IT supplier is essential, particularly as the threats created by mobile devices are significantly broader than just the wireless issues.

About the author
Ian Kilpatrick is chairman of international value added distributor Wick Hill Group plc, specialists in market development for secure IP infrastructure solutions and convergence. Kilpatrick has been involved with the Group for more than 35 years. Wick Hill supplies organizations from enterprises to SMEs, through an extensive value-added network of accredited VARs. http://www.wickhill.com

•Date: 3rd October 2013 • UK/World •Type: Article • Topic: ISM

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.
   

How to advertise How to advertise on Continuity Central.

BCM software

BCM software

Phoenix

Business continuity software

How to choose an Emergency Notification System