Posts

Wireless Security: Why You Need to Take It Seriously In 2018

When waves of cyber attacks hit last year, such as WannaCry and Not Petya ransomwares, businesses lost billions of dollars in high-profile breaches. In addition, more than half of the U.S. population’s Social Security information was compromised in the Equifax breach. It was a record-breaking year.

Perhaps the only good that came out of these fiascos is that users became more aware of the importance of cyber security. But it is no longer sufficient to only care about wired network security. Organizations and businesses also have to pay attention to other aspects of security, such as physical security and wireless security.

In line with multiple cyber security forecasts, such as our 8 Cyber Security Predictions for 2018, organizations need to watch out for more sophisticated attacks in 2018. According to the Wi-Fi Alliance, more than 9 billion wireless devices will be used in 2018. Gartner forecasts connected devices to rise from 11 billion in 2018 to over 20 billion by 2020. With the proliferation of wireless-enabled and IoT devices, wireless network security is vital.

However, not all wireless security solutions are equal. Last year, for example, many dealt with KRACK (Key Reinstallation Attack), which leveraged a WPA2 vulnerability that could lead to man-in-the-middle attacks. While many wireless vendors suffered this vulnerability, SonicWall wireless access points were not vulnerable.

How do I choose a wireless security solution?

It can be easy to get drawn in by sales pitches that show you pretty dashboards, features that you don’t need or seldom use, or super-expensive gear that you pay a premium for just because of the brand name.

Instead, take a step back and think of what you really should care about: a Wi-Fi connection that actually works with unfaltering security. Make sure you are committing yourself to a vendor that takes security, user experience and reliability very seriously.

How can I make my Wi-Fi secure?

Organizations, small- and medium-sized businesses (SMB) and individual users can implement cyber security best practices to drastically reduce Wi-Fi vulnerabilities.

  • First and foremost, make sure that you are not broadcasting an open SSID (how others see and connect to your wireless network)
  • Adjust the transmit power on your access points to serve just the area of coverage that is required
  • For corporate networks, separate guest users from internal users
  • Turn on rogue detection and ensure that firewall settings, such as DPI-SSL/TLS are enabled on your network
  • To further improve security, add a firewall to your network

Wireless is an overlay to your wired network. Adding a firewall with an integrated wireless controller capability to your network will further enhance the security of your entire network. The benefits of adding such a firewall include:

  • Complete management of wireless and wired infrastructure
  • Granular application identification, control and visualization
  • Discover and block advanced threats and vulnerabilities
  • Improved security posture and performance that scale to your business requirements

Though there are many wireless security features that can enhance your wireless security, some are more critical than others. Basic functionalities like Wireless Intrusion Detection System (WIDS) and Wireless Intrusion Prevention System (WIPS) must be supported across wired and wireless infrastructure.

Others cyber security capabilities, like application control, content filtering and deep-packet inspection (DPI) even over encrypted traffic, are all essential.

Adding multi-layered security protection to your overall network infrastructure will help minimize network breach success. In order to support the next-generation mobile workforce, BYOD and ability to implement wireless guest services is significant. Site tools can be used to survey wireless signals to optimize the required area of coverage.

These wireless security capabilities, coupled with single-pane-of-glass management, makes it effective and efficient for network admins to have visibility into the network and detect threats on a real-time basis.

Should I buy a SonicWall wireless access point?

SonicWall is a pioneering leader in cyber security, providing seamless security and comprehensive breach detection across wired, wireless, cloud and mobile networks. Best-in-class security latest 802.11ac Wave 2 technology, and an attractive price point make SonicWave wireless access point solutions a sound choice for organizations of all sizes and industries.

[foogallery id=”5554″]

SonicWave wireless access points come in three options:

  • SonicWave 432i (internal antenna version)
  • SonicWave 432e (external antenna version)
  • SonicWave 432o (outdoor access point)

The SonicWave 432 Series comes with a built-in third radio for dedicated security scanning. While many companies provide security and wireless products, SonicWall offers a true end-to-end secure wireless solution.

Need more information about wireless access security? Read our executive brief, “Why You Need Complete Wireless and Mobile Access Security.” Together, let’s make sure your network is ready to face these challenges, and create a fail-proof network for a secure, next-generation user experience.

SonicWall SMA OS 8.6 Delivers Seamless Remote Access Using Web-based Access Methods

Smartphones, laptops and internet connectivity have become necessities of life. We move around with powerful computing devices in our pockets or backpacks. This “on-the-go” lifestyle has transformed the way we work. Employees today want on demand access to resources and the ability to be productive from anywhere.  Organizations too are embracing cloud and mobile, and allowing employees to use their personal devices for work. This is a win-win situation for employees and organizations but also a big challenge for IT departments. IT has the daunting task of providing secure access to corporate resources without exposing risks such as:

  • Unauthorized users gaining access to company networks and systems from lost or stolen devices
  • Malware and ransomware infected devices acting as a conduit to infect company systems
  • Interception of company data in-flight on unsecured public WiFi networks
  • Loss of business data stored on devices if rogue personal apps or unauthorized users gain access to that data
  • The ability to react as quickly as possible to minimize the window of exposure before an attacker can potentially cripple the organization

To address these risks and empower IT, SonicWall Access Security (SMA) solutions with policy-enforced SSL VPN deliver seamless remote access with the highest standards of security. SMA OS 8.6 expands the feature set on the Secure Mobile Access (SMA) 100 Series appliances with enhanced security and intuitive features that deliver the best experience for remote access.

  • Microsoft RD Web Access integration – Admins can now select to offload applications on the RD Web Access portal, onto any web browser. This new feature provides users with seamless access to remote desktops and applications through web browsers.
  • Enhanced security – SMA uses an in-house connect agent to establish a secure connection for RD Web Access without needing to set up a VPN tunnel. The agent has no dependency on Java or Active X.
  • Driverless printer redirection –Print files from remote desktops seamlessly, just like printing a local file. Files on remote desktops can be published as a PDF on your local machine and can be printed locally.
  • Modernized UI – A refreshed UI that is even more intuitive for users and admins. The firmware conforms to the new SonicWall branding guidelines.

Customers with an active support contract can download SonicWall SMA OS 8.6  from mysonicwall.com.

Mobile Workers and BYOD are Here to Stay: Is Your Data Secure

The way business professionals work has changed dramatically over the last several years, and continues to at an ever-growing rate. They are on the go and working from different locations across all hours using many devices to allow for a work/life balance. We have become an “always-on” society.

Workers are also doing more work remotely, whether it be at a coffee shop, on the train to work, or on a business trip from a hotel room. People want to stay in touch wherever they are and whenever they need to. They also want to use the device they like, whether it is a smartphone, tablet or laptop. In addition, they also need access to the applications they choose to use, some from their work, others of their own. And most importantly, they need access to the data required to do their jobs, whether it is online through the Internet or behind their company’s firewall on the intranet.

Companies clearly need to find a way to provide their mobile workers secure access to any data from any device at any time. That said, companies’ IT organizations need to understand the risks they are opening themselves up to if they don’t take necessary precautions including data loss, malware, device proliferation, rogue applications, lost and stolen devices with data onboard, credential theft, etc.

Today, IT can implement a number of solid mobile workforce management and mobile security management tools to help secure mobile data and devices, such as:

  • Mobile Device Management (MDM)
  • Mobile Application Management (MAM)
  • Secure Sockets Layer Virtual Private Network (SSL VPN)
  • Network Access Control (NAC)

Learn more about what the industry is seeing around providing secure mobile access over BYOD by reading our executive brief, “Ready or not, mobile workers and BYOD are here to stay.”

The Future Looks Bright for Mobile Worker Productivity

Managing and securing mobile data is about to get a whole lot easier. Mobile platform providers, historically focused on the consumer, are now investing heavily in new OS features that will seamlessly integrate with mobile management and security solutions and allow businesses to more easily enable mobile access to more data and resources without compromising security.

Historically, IT departments protected corporate networks and data by only allowing trusted devices and users to connect to the network. IT could limit the threat of data loss and malware by controlling and managing PC and laptop and software images and configurations. In the new mobile era, IT has limited control or management over devices. Workers are often independently choosing their smart-phones and tablets as well as the apps and services they use to address business and personal needs.

So, with limited mobile device control and management, how can IT keep company data secure while enabling mobile worker productivity?

The leading mobile platform providers recognize the challenge businesses face and are adding new features to make it easier to secure and manage business apps and data on devices, whether corporate or personally owned. And they’re partnering with third party mobile management and security providers to help give IT control to secure and manage the mobile data workflow. Key mobile platform features enabling mobile for business include:

1. Managed separation of business and personal apps and data

Mobile OS’s are architected to allow data to be easily shared by apps. While this ease-of-use and transparent interaction and sharing between apps is beneficial for personal use, it can be problematic for businesses that want to protect data. For example, many social apps mine contact lists from other apps and invite contacts to join their service. With this, confidential customer contact information stored in a business app could unintentionally be “shared” to a personal social app, leaking customer contact information and potentially damaging a business’s reputation or violating regulatory rules. Another risk, if a rogue app is downloaded to a device, mobile malware or vulnerabilities may be present that can steal data or provide an entry point for a cyber-attack.

To address these issues, the new generation of mobile operating systems is adding features that, with third party mobile management tools, will help better secure business apps and data on mobile devices. IT, with mobile user permission, will be able to more easily deploy and manage trusted mobile apps for business and enforce security policy to protect company data, while personal apps and data will be isolated from business apps, preventing data leakage. To meet mobile user demands for personal app and data privacy, IT will be restricted to only manage business apps and data. With these new built-in OS features, today’s proprietary secure containers that isolate and secure business apps and data on mobile devices, will be less necessary, helping to reduce IT cost and complexity.

2. Managed apps

To further support mobile for business, mobile platform providers are making it easier for app developers to build “managed apps”, apps that can be configured and managed by mobile management tools. For these apps, IT will be able to use third party mobile management tools to configure app level policies that affect the actions an app may take. For example, a managed email app implemented with the new mobile management control protocol could be remotely configured to only allow email and attachments to be viewed from the email app, and disallow copy, cut and print functionality to keep business data secure and encrypted within the app and not allow sharing with other apps.

3. App level VPN

Businesses today often deploy VPNs to securely connect mobile and remote workers with company networks and resources, a necessity to encrypt data in-flight and protect from data theft. However, when a device is used for business and personal use, if the VPN is enabled, personal traffic also uses the corporate VPN which can impact network bandwidth and contaminate backend resources. Ideally, to preserve corporate network bandwidth, only business apps and data should use the corporate VPN.

To address this need, mobile OS, security and management technologies are evolving to allow per app VPN capabilities. With per app VPN, security and management technology may be configured with policies to initiate a VPN whenever a business app launches such that business traffic from the mobile device travels through the VPN while personal traffic does not.

So, with these new mobile management and security capabilities, what should businesses do to accelerate mobile adoption and productivity?

Get ready for the next wave of mobile technology. For information on the management and security solutions you need to help enable mobile workers productivity while protecting from threats, read our eBook, Secure Mobile Access.

Mobile Security Checklist to Minimize Risk

The number of mobile devices in the workplace is exploding and with this, a new frontier for cyber-attack is emerging that poses a significant risk to business. As the great philosopher and strategist SunTze wrote, “Know your enemy and know yourself and you can fight a hundred battles without disaster.”

Threat analysts are finding that malware isn’t just a problem for laptops any more. For example, reports indicate that the CloudAtlas campaign, a sophisticated advanced persistent threat that initially targeted windows machines, has made its way to mobile platforms including Android, Apple IOS and Blackberry systems. Our own SonicWall Security Threat Research Center uncovered the Android counterpart of the CloudAtlas campaign. This malware masquerades itself as an update for the popular messenger app Whatsapp, and in turn, spies on a victim’s device to obtain sensitive data,such as texts, contacts and calendar information, and passes it back to the attacker, creating a huge business risk.

Could you, or one of your employees unknowingly have a mobile device infected with malware harvesting your confidential business data?

Fundamentally, there are two key business risks that you need to protect from as workers go mobile. The first, is theft or loss of mobile data. The second, is mobile devices becoming conduits for malware attacks that affect corporate systems and data. So what are the mobile threats you need to be aware of to protect your business?

Here’s a checklist of threats you need to be prepared to tackle in the mobile worker era:

  1. Lost and stolen devicesNo surprise here. If a device is lost or stolen, and corporate data was stored on the device, there’s a risk of confidential data loss. An even bigger risk, is a lost or stolen device being used to gain access to corporate data and apps on the back end. Significantly more data could be impacted if an unauthorized user with a lost or stolen mobile device gains access to the data center. This is particularly problematic for businesses subject to regulatory compliance.
  2. Mobile malware and vulnerabilitiesAnother concern is rogue apps downloaded to devices containing information-stealing malware, such as the CloudAltas threat discussed above, or vulnerabilities with devices, OS design and 3rd party apps. These threats provide entree for attacks and can lead to data theft and downtime. Again, this is a risk for data on the device, but potentially an even bigger risk if the device becomes a conduit for malware to infect backend data systems and cause data loss or downtime.
  3. Data leakage through 3rd party appsCorporate data and apps co-mingling with personal data and apps on devices can also create risk and lead to corporate data leaking, either intentionally or unintentionally. For example, many social apps mine contact lists from other apps and invite contacts to join their service. With this, confidential customer contact information stored in a business app could unintentionally be “shared” to a personal social app, leaking customer contact information and potentially damaging a business’s reputation or violating regulatory rules.
  4. Insecure Wi-FiLastly, the riskof man-in-the middle attacks. Attackers can snoop data if traffic is sent over unencrypted networks such as public wifi. Data in-flight is likely the pulse of the business. It likely contains fresh, sensitive data, and may even contain data subject to legal or regulatory requirements for confidentiality. If that data is intercepted, it could be damaging to the business. Although the relative quantity of data lost or stolen in case of in-flight traffic interception is likely small, the potential for damage is still there. So, to protect in-flight data from interception, data should be encrypted.

Mobile Security Solution

So, now that we reviewed the top threats, how can you prepare to win the mobile security battle to come? To protect from these threats, the best defense is a good offense.

Secure container and encryption technologies such as Enterprise Mobility Management (EMM) can help isolate and secure business apps and data on mobile devices. This a great start, but company data and networks are still at risk if only on-device data protection is addressed. Security is an end-to-end mobile workflow challenge.

For comprehensive mobile security, in addition to EMM, deploy security and access control technologies in your IT infrastructure that authenticate users and interrogate devices, OSes, mobile apps and validate their integrity. Only grant VPN access to trusted users, devices and business apps to help protect from rogue access and malware attacks. Also deploy, next-gen firewalls to scan mobile traffic entering your network and block malware before it infects corporate systems and data. Next-gen firewalls can also scan mobile traffic entering your network and block malware before it infects corporate systems and data and block access to and from disreputable web applications and sites, adding another layer of protection.

For more information on the security and access solutions you need to enable mobile worker productivity while protecting from threats, read our eBook: SonicWall Secure Mobile Access.