The primary goals of any corporate network are consistency and reliability. Consistent network performance helps avoid unnecessary downtime, improves productivity and reduces total cost of ownership (TCO), but threats to that reliability are coming from an ever-increasing number of sources.
With continued advances in wireless technologies, there are many more employees working remotely using personal devices. They may be at customer locations or a home office and some work even while on vacation. These personal devices access a variety of wireless networks outside your corporate network. There is no doubt that this wireless freedom increases productivity and provides a level of autonomy to employees, but with this access, there are increased risks to the corporate network.
Of all of the threats faced by your network security, few are as potentially dangerous as the rogue wireless access point.
What exactly is a rogue access point?
A rogue access point is an unauthorized device operating on a corporate wireless network. The device is often a cell phone or tablet. Potential problems arise when the device discovers the company’s wireless network which creates an access point. Although this can be considered a security breach, it typically is not implemented maliciously. These breaches usually come from an employee looking for a convenient way to use the company’s wireless network. And, it is not just cell phones. A rogue access point could be a WLAN card plugged into a server or a mobile device attached to a USB that creates a wireless access point. Other unauthorized wireless devices may be hidden inside a computer or other system component, or be attached directly to a network port or network devices, such as a switch or router.
For instance, an employee working at a customer site uses their cell phone to connect as a “hot spot” to their computer for a company presentation. They return to the office still connected not realizing their RF signal interferes with the corporate network. In another case, an employee puts a unencrypted wireless access point in the conference room for a customer project. It is well-intentioned; they do not realize that their access point could be used by a hacker to enter the corporate network invisible to the company’s internal network monitoring.
Although not typically malicious these access points can open up the corporate network to security threats. For instance, an employee uses their cell phone at lunch to download a web app. The app contains innocuous malware designed to quietly collect information. This malware then reads stored data like emails, text messages, attachments, credit card numbers, and log-ins and passwords to corporate networks. The employee returns to the office, accesses the company wireless and unwittingly contaminates the corporate network.
In addition to cell phones and tablets, the internet of things (IoT) is introducing new devices that are a growing risk to your network including wearables like Fitbit and Apple Watch. Although manufacturers security protocols are constantly being revised and upgraded, new IoT devices are constantly entering the market presenting new threats. According to research from Gartner, by 2020, experts estimate that more than 25 percent of identified enterprise attacks will involve IoT. Yet, IoT will account for “less than 10 percent of IT security budgets”.
Rogue access can occur in any type of organization and cause performance issues that are hard to identify due to the nature of wireless connectivity. Many factors affect a wireless signal including, RF interference from signals using the same frequency as a wireless access point and the number of users connecting to an access point. Either of these can affect the overall throughput and performance of your entire wireless network.
How do you know if your network is being impacted?
Many companies may not fully understand the critical details involved with wireless networking and often activate such networks without proper security measures or an understanding of the latest technologies for detection and removal. If breaches occur, performance and reliability will be impacted but it may take weeks, months or longer to identify the problems, locate rogue access points and remove or manage the potential threats.
Solving the problem
Threats from mobile devices are increasing and can result in data loss, security breaches and compliance violations. Solving the problem depends on the scale and size of the organization and can include risk assessment, policy changes, as well as technology implementation. To discover and monitor unauthorized access points, it takes diligent observation, the right tools, and a bit of intuition that comes from experience.
Rogue wireless devices threaten the quality and consistency of service to your customers as well as the reliability and security of your network. Do you have an unidentified network performance issue? You may need some expert help.