The growing popularity of bring-your-own-device (BYOD) programs is contributing to increased network traffic on both small and large scale environments. Since IT operations are becoming more and more a part of business operations, “always on” access to company resources has become more of a necessity than a nice-to-have.
With the prevalence of wireless networks and their integration with traditional wired environments, administrators need to implement more stringent security regiments into their network planning to ensure that the organisation can leverage the power of wireless without compromising security.
Provide secure wireless access with strong SSID’s and passwords.
The very first step is to make sure that you configure your SSID to something unique and that is not directly related to you company. SSID’s floating around advertising the availability of access to your organisation’s network may attract the wrong kind of attention. Also, complicated passwords for your wireless network may seem cumbersome for staff to learn, but the need for it exceeds any desire for short, convenient passwords. For enterprises, it is recommended that IEEE 802.11i or a VPN should be configured. Consider using Active Directory, LDAP or other domain authentication technologies depending on what type of network you are running.
Access management with VLAN’s.
Each department within your organisation will require access to specific resources within the network. Finance staff will need to access payroll and other accounting systems along with access to the financial documents. Marketing staff will have their own access requirements, and so on. Use VLAN’s to segment the network to provide access to resources relevant to staff function only. Segmenting your wireless network also allows for protocol separation, meaning network engineers can allow only certain protocols on specific network segments. This adds an additional layer of security in your wireless environment.
Secure access to the wireless management console.
This can be overlooked at times, but building security into your management console is equally as important when it comes to wireless network planning. Once accessed, rogue users or hackers can wreak havoc with your wireless network configuration and severely compromise the security of your environment. Consider restricting access to the management console to nodes that are connected to the network with an Ethernet cable only, or creating an additional VLAN which acts as the only access method to the management console.
Wireless means more access but also more risk.
Wireless has given organisations much more agility in terms of how staff work. Each organisation should include a comprehensive wireless network planning strategy that brings the benefits of wireless, minus the dangers. With the added convenience of “anywhere, anytime” access to the network, administrators need to be more security conscious than ever before. Striking the balance between availability of resources and security requirements can be a tightrope for IT departments, but implementing a few practical steps will allow you to extend employees reach into the network without compromising your company’s information.
Image Credit: Pixabay