There’s no question data breaches are becoming a bigger threat to companies worldwide, particularly as more and more devices are flooding business networks via the Internet of Things.
In today’s world, IT departments are requiring more sophisticated control over how devices connect, what type of devices can connect, and what they are allowed to do once connected to their wireless network.
Yet enterprises are still overly permissive on bring your own device (BYOD) policies which can lead to security breaches. In fact, nearly half of enterprises that allowed their employees to use their own phones to access their network have experienced data breaches, according to a report by Trend Micro.
We take a look at the 3 top security measures to keep your wireless network safe:
Wireless Intrusion Prevention System (WIPS)
The WIPS provides several built-in intrusion prevention features designed to protect the wireless network from security threats such as Denial of Service (DDoS) attacks and intrusion attempts.
Most enterprise wireless controllers allow manual configuration of the WIPS to protect your wireless network against excessive requests and temporarily block wireless clients with repeated authentication failures for seconds or minutes.
Ensure that you customise the actions to take and the notifications you would like to receive when each threat type is detected through your WIPS configuration window.
Detect rogue APs
When it comes to protecting your data, seconds count. But in 60 percent of cases, attackers are able to compromise your network within minutes, according to the Verizon report. So the faster rogue devices are detected and terminated, the better.
Rogue devices are detected during off channel scans (background scanning) and are simply other access points that are not being managed by another network. Typically, rogue access points are not a threat, however there are certain types that do pose a threat that will be automatically identified by your controller as ‘malicious’:
- SSID-Spoofing: These are rogue access points that are beaconing the same SSID name as your managed access point. They pose a threat as someone may be attempting to use them as a honey pot to attract your clients into their network to attempt hacking or exploit passwords.
- Same-Network: These are rogue access points that are detected by other access points as transmitting traffic on your internal network. It detects packages coming from a similar MAC address to one of those detected from an over the air rogue AP.
- MAC-spoofing: These are rogue access points that are beaconing the same MAC address as your managed access point.
Ensure that the feature is enabled on your network to instruct access points to use the next off-channel scan to begin sending broadcast de-authorisation packages with MAC address cloned from the identified rogue AP.
Access control and policy
IT departments are increasing admission control over users, their devices and their roles on the network to mitigate the risk of internal and external security breaches.
Access control policies determine which client are allowed or denied access to a Wireless LAN (WLAN) and which destination IP addresses or ports an authorised client may access.
Using your Device Access Policy settings, you can identify the type of client attempting to connect, and perform control actions such as permit/deny, rate limiting and VLAN tagging based on the device type. For example, you could allow only Apple OS devices on one WLAN and only Linux devices on another.
Enforce network security policies, help secure user and host access control, and control network access based on dynamic conditions and attributes to ensure your business remains protected.