Impact of Technology on Wireless Security

by [Published on 3 Feb. 2016 / Last Updated on 3 Feb. 2016]

This article looks at how technology impacts wireless security.

The utilisation of wireless is common place, robust and quality wireless technologies are now expected. However, the evolution in technologies and the ways in which we undertake daily tasks and how we utilise wireless to help achieve this, may be more disruptive and challenging to wireless security than anticipated. Wireless security is always going to be a priority but with changes in functioning and evolving tech an impact on wireless security is likely to be evident.

Introduction

Wireless enables much opportunity for technological advancement but wireless has the potential to bring additional security risk as well. Wireless works well at sufficient speed with little disruption and enables capabilities that otherwise may have been more arduous without. Wireless electricity is even likely to be on its way.

As the tech is evolving rapidly, it is difficult to stay abreast of all the changes, and this will continue to be the case. We are becoming a society with amplified connectivity, not only are individuals continuously online so are devices, appliances and smart products, most of the time we are unaware that we are even connected, and this will only escalate with time. A robust, unfailing and secure wireless connection is now a prerequisite more than ever. I refer to wireless works as 3D networks that can be reached even when outside of the building.

It is suggested that with the evolution of technologies and operations we may experience a disruption with regards to security. The expanse of artificial intelligence, augmented reality, innovation, IoT as well as the increase in professional cyber-crime all heighten the security challenges of wireless. The aim is to achieve improved efficiency, availability, adaptability, resilience, reliability and capacity but these should not be achieved at the cost of security.

The value placed on our data has grown exponentially along with the volumes of data collected. The ways in which technology is advancing, this will become heightened and this data must be secured.

As we become more connected, our data, personal lives, vehicles etc., there is a growing awareness that security will become more of a challenge. The impact of security or lack there of, will potentially be able to cause exceedingly more damage on an organisational as well as a personal level than when before we were so ‘connected’. Security must be the best it has ever been and must be maintained at all costs-the challenges are big but the risks and consequences most likely bigger.

With all these changes it is becoming difficult to obtain and maintain the skill sets required to support and secure these products, processes and systems. The tech is moving at such pace and changing continuously that we often find that just as individuals are getting the hang of or resolving one issue it has moved beyond, only for new issues to surface.

Having noted all of the above, although wireless security has been made a priority within most organisations, many organisations remain concerned (and rightly so) that they are still unable to achieve even the basics for effective wireless security. Without the basics mastered, even greater disruption and consequence with growth can be anticipated, especially when focus will be on performance and capacity to support evolving technologies and growing numbers of endpoints.

Wireless security shortfalls

A recent study as portrayed that there is particular uncertainty with regards to the present state of basic wireless security within some organisations. With wireless commonplace, for sometime already, it would have been expected that the security basics would be fine tuned but this seems not to be the case. This is particularly disconcerting knowing that large changes in this space are only going to make securing this area that much more convoluted. We should have the basics sorted.

Unfortunately, without achieving the security basics organisations can expect more disruption and challenges in the future.

Wireless security basics

Where organisations are falling short

Access control

Wireless networks are most vulnerable

Authentication

Insufficient wireless security practices

Authorisation

Lack authentication procedures

Data security

Data is not private

Intrusion detection

Data is compromised and misplaced

Intrusion prevention

Access is being allowed without necessary controls

Monitoring

Cloud is impacting security

  • Wireless Networks are vulnerable

Wireless networks are noted as still being most vulnerable within the IT infrastructure and to add to the concern many organisations are unable to ensure that the basic wireless security components are in place and working efficiently. Many ignore antivirus and firewall precautionary measures as part of their wireless strategy. Control of applications and URL filtering as well as IPS is also rarely considered as important. All these security measures are critical as part of a basic security strategy.

  • Insufficient wireless security

Organisations are now more aware than ever of the importance of wireless security and the risks associated with a network that is not properly secured. That being said, because of the greater awareness the levels of concern are also more heightened and unfortunately the organisations that are usually overly concerned are the ones that do have sufficient security in place and it is the organisations that are not concerned, that should be, with very little security in place however none the wiser. Knowledge is key but it must be put into practice.

  • Data is vulnerable, not properly secured

Organisations are not securing their data. Data is going missing. This is not acceptable. Organisations are at risk of espionage, interruption of operations and service, destruction of reputation, being non-compliant and not only placing the organisation at risk but also the employees and customers or client’s data. The data asset is now, more than ever, most valuable, with the evolving technologies the amount of valuable data accessible via wireless will only increase. Organisations are still finding that their data is at risk through wireless due to insufficient security practices. Damage to corporate reputation could mean the end of the organisation and thus this should not be taken lightly.

Data must be protected and kept private. Encryption is a very necessary solution to implement to ensure privacy and security of data.

  • Access is not controlled

Many organisations offer guest access onto their corporate wireless networks. The issue with this is that many of these organisations do this without utilising any form of proper access controls. People can access the network freely and this has potential to have negative impact on the organisation.

  • Cloud

Wireless now and in the future will be mostly managed in the cloud together with most critical management procedures. Not all organisations are cloud ready with regards to security and this will impact other security aspects of the organisations including that of wireless security.

Impact of tech on wireless security

Evolving technologies will impact wireless and wireless security. We can expect a significant increase in the data communicated and data traffic will approach exponential growth and be quite unpredictable. The number of endpoints that will require support at any given interval will be huge. On top of this the concerns of basic wireless security will still be prevalent and increasingly so; data security, access control, along with managing performance, capacity, traffic fluctuations and scalability.

With the increase in the number of endpoints the threat expanse grows significantly. It is important to ensure that not only the basics of wireless security are achieved but that the security within the organisation is the best it can possible be so that a solid foundation is present and the organisation is able to adapt to meet the new challenges that they may be faced with.

Organisation must take control of wireless security

Steps to achieve the basics for wireless security:

  1. Conduct a risk assessment (identify assets, threats, vulnerabilities, potential incident impact)
  2. Develop a security program (standardise security and operational procedures and determine requirements and roles to align with objectives)
  3. Consider potential technologies to leverage (to improve business function, improve security, detection, monitoring, response, access control, authentication, data security, processes to achieve compliance requirements etc.)
  4. Review and maintain the security program on a regular basis (advances in technologies and more connected technologies maintenance is importance to mitigate new threats and vulnerabilities)
  5. Wireless vulnerabilities must include those from a threat as well as a performance perspective
  6. Develop counter measures for risks based on the wireless technologies deployed
  7. Infrastructure must be prepared for wireless to avoid security and performance concerns best
  8. Manage and maintain devices etc. that connect to the wireless
  9. Technology vetting is essential (Physical security, application, infrastructure impact, cyber security)
  10. Vet relationships with technology manufacturers (they should understand and support your security requirements in design, implementation and operation)
  11. Maintenance is very important (establish a life-cycle management program to keep on top of things and remain proactive)
  12. Monitoring, security audits and testing is essential

Conclusion

For some organisations wireless security has not been given enough priority. Technologies will continue to advance and so will the security challenges and the impact on wireless security. Multiple entry points will increase the potential points for advanced persistent threats on organisations. Wireless security is a vital part of the organisations security posture. Organisations must ensure that their infrastructure is appropriately prepared for the challenges of wireless and be clear on how to maintain and manage this over time. If organisations want to adopt these advancements in technology and utilise them successfully and securely a secure wireless foundation is essential.

See Also


The Author — Ricky M. & Monique L. Magalhaes

Ricky M. & Monique L. Magalhaes avatar

Ricky M Magalhaes is an International Information Security architect, working with a myriad of high profile organizations. Monique is an international security researcher, she holds a BSc Degree (Cum Laude). Previously she has focussed on research and development at leading enterprises in the Southern hemisphere.