Multiple unidentifiable devices fuelled by Shadow IT create vulnerabilities in enterprise networks

Most organizations think they have their security taken care of but ironically, CIOs today are not accounting for how their network is actually accessed. A single user may be logged on through multiple devices: a phone, a tablet, and a laptop. There could also be myriads of devices on the network that IT doesn’t even know about.

According to Fortinet, the global leader in high-performance cybersecurity solutions, this disconnect is driven by Shadow IT - the result of unbridled use of unapproved devices and services on the network. Shadow IT includes consumer or enterprise applications in the cloud, such as file sharing apps, social media, and collaboration tools. There is often no corporate policy or decision to allow this, and most of the time it is unknown by anyone on their IT team.

“The fact is, about 90 percent of employees and guests are connecting to their network wirelessly and yet wireless APs are often less secure than the wired perimeter. The proliferation of devices and applications is posing serious challenges for organizations that need to ensure the protection of their entire network and guard against advanced cyber security threats,” said Paul Williams, Country Manager for Fortinet South Africa. “It is critical that a security solution map users to devices and control access accordingly and accurately.”

Gartner Group predicts that 33 billion endpoints will be connected by 2020, of which the majority of these devices will be wireless. As more and more wireless devices enter the workplace, companies are striving to maintain the security of their wireless networks.

“When it comes to devices in the workplace, one often thinks of smart phones, laptops, and tablets. But today’s wireless endpoints comprise more than those traditional devices. Organizations may also deploy wireless IP cameras, location-based beacons, and other small devices which often are not capable of supporting traditional security solutions. So this means companies have more and more vulnerabilities to protect for the foreseeable future,” said Williams.

The growing number of small devices that are not able to support security is one challenge. But even traditional wireless devices – smart phones, laptops, tablets – can create security gaps due to the number of mobile applications they run, both for personal and professional use. Contact management apps, games, shopping websites, and even legitimate online news outlets may be infected with malware without the user’s knowledge. This can, in turn, affect the enterprise network as a whole. Users sharing their log-in credentials with guests, or not changing their passwords regularly can also lead to security gaps.

Securing business communications, personal information, financial transactions, and mobile devices involves much more than network access control. It also requires actively scanning for malware, preventing access to malicious websites, end-point integrity checking, and controlling application usage. Protecting Access Points (AP)is paramount to a sound wireless security strategy, and to securely extend physical coverage for users. Today’s APs not only need to support high density environments, but also support security features like Application Visibility & Control (AVC), Wireless IPS (wIPS), and Rogue monitoring —all without the loss of performance.

“Companies need a fabric with deeply integrated security systems that share information across all areas, including wired, wireless, VPN, and cloud environments. When the integration is coupled with machine learning capabilities, the system can flag abnormalities more accurately and more rapidly, and coordinate responses between different security deployments. All of this contributes to better response time for organizations in mitigating threats,” said Paul Williams.