Embed Size (px)
Citation preview
The Sysadmin’s guide to providing Wi-Fi Access Points Without Increasing Risk
Building out of your wired infrastructure is costly and time consuming.
That’s why wired networks are being replaced by wireless ones.
Wireless networks are more agile and flexible.
• employees can work anywhere in the facility
• upgrades to faster speeds & more functionality
• only a few devices need to be upgraded by the IT team
Benefits
Clearly, wireless networks help your business to get more done faster.
Yet the challenge for IT is security.
• increased Wi-Fi access points meansincreased risk of cyber vulnerabilities
• the wireless network goes beyond the perimeter of the building where anyone can see the network
Risks
There are an estimated 16,856 cyber attacks on businesses per year.
Luckily there are easy precautionary steps your company can take.
1. Grant Individual Access
2. Segment Your Network
3. Create a Separate Guest Network
Three Steps to Safely Provide Wi-Fi Access
Step 1:Grant Individual Access
Provide an individual framework for each employee/contractor in which they receive all the IT resources they need to be productive at their jobs - and no more.
Why? Only people that you authorize should be able to attach to your network.
There’s no need to constantly change Wi-Fi passwords as people leave.
This way, you can also remove individuals one by one as employees leave the organization without disrupting other workflows.
“The gap between BYOD use and BYOD policies is both staggering and frightening.”Alan Shimel,CEO at The CISO Group
Step 2:Segment Your Network
With Virtual Local Area Networks (VLANs) you can separate different areas of your network to restrictaccess to sensitive resources to only those with a need to know.
SSIDs can be directly associated with a particular VLAN. This gives users access to critical areas when necessary,even though they are normally isolated from them for security reasons.
Through the use of RADIUS, you can also associate specific users with specific VLANs. This provides you with fine-grained access control on a per-user basis, all through one SSID login.
Step 3:Create a Separate Guest Network
This provides visitors wireless access without authenticating them to greater privileges.
Now guests can’t impact production networks.
For example, if a guest runs a high bandwidth video or downloads a large file, it could decrease the business’s overall bandwidth. With a guest network, this won’t happen.
To recap, wireless networks give IT more agility and flexibility.
By granting individual access to employees, segmenting networks, and implementing a guest network for Wi-Fi, businesses can run and leverage Wi-Fi without compromising their private data.
Check out our entire eBook: The Guide to Doing More Faster. Now with IT Control
In this eBook, thought leaders Gene Kim (author and DevOps evangelist), Rajat Bhargava (CEO JumpCloud), Ben Kepes (Forbes contributor), Alan Shimel (DevOps.com Executive Editor) discuss actionable steps for how modern IT teams build decentralization into their organization while maximizing the security that their IT team needs to keep their organization safe.
