Mobility has caught on with enterprises and its executives too. Companies and small businesses are looking to send their folks all over the world and have them connected though wireless networks. Wi-fi is now ubiquitous. They are convenient, they save time and they are a boon to the already stressed out corporate executive.
The question is: How secure is your company’s data while your employees access their data from one of these points?
Surprisingly, most companies don’t realize that Wi-Fi Spots are vulnerable to hackers. The ease of accessing Wi-Fi is so prevalent that employees don’t even have to think about going online where there is connectivity. The software finds the Wi-Fi zones on its own and voila! You are connected. If your executives are accessing Internet from any of these Wi-fi spots, the question of security of your data remains in the lurch.
At least a whopping 55% of these wireless networks are unsecured -- has inadequate security or no security at all. That leaves you with an equal probability of your corporate data getting right into the lion’s mouth.
If you look at the data given above (courtesy Watch Guard technologies), an unbelievable number of ‘Data theft” incidents close to 52% happen over these unsecured wireless networks, closely followed by “wireless client authentication”, and connectivity loopholes, among others.
The Mind of the hacker and how attacks happen
A hacker can be anyone at all and there is really no point in painting a stereotype as we see in movies. They can be anywhere from the nearest library to the shabbily dressed teenager sitting in the same coffee shop you are in.
The hackers have a plethora of tools available at their disposal -- all the way from LAN Scanners, DOS and DDOS attack tools, encryption-cracking programs and wireless sniffers -- using which they can easily hack into any system they set their minds to. The risk is even higher when it comes to public hotspots because of the fact that most people don’t even think about data security in this apparent ‘working-while-passing-by” phase.
Employees find it very easy to access corporate data on these wireless unsecured networks because of the relative ease with which one can access. It is estimated that about 50% of the employee expose confidential corporate data in this manner.
How to make employees Protect Data while accessing Public Hotspots?
To start with, have a security policy that also discusses and lays out protocol for wireless network access and use of corporate data while accessing it from a public spot. On a much more focused level, each employee must be trained on how to access such data from these networks.
• Windows XP and other prevalent OS must be configured on each employee’s laptop, and other mobile devices such that it can connect only to preferred networks, in infrastructure mode and only upon request, as authorized by the user.
• Users must never accept any third party certificates, keys etc., while using a public wireless network.
• There are plenty of tools and software available, which can ensure that users can connect to “secure” hot spots only.
Prevention, at the risk of sounding clichéd, is always the best course of action for something like wireless security, which is still in the budding stages of leaning over to a total, comprehensive package that can protect you.
Until then, you watch your back.
If you need help in formulating Wi-Fi policies, setting up networks so that you can deploy mobile devices to tether to your network, do give us a shout. We’ll be more than happy to help.