Subscribe

SA's wireless networks lack adequate security

Admire Moyo
By Admire Moyo, ITWeb's news editor.
Johannesburg, 26 Nov 2015
Insufficient wireless security is a concern for most of the IT decision-makers in SA, says Perry Hutton, regional director for Africa at Fortinet.
Insufficient wireless security is a concern for most of the IT decision-makers in SA, says Perry Hutton, regional director for Africa at Fortinet.

Most of the IT decision-makers in SA are concerned about the lack of adequate security on their wireless networks.

This was one of the major findings of a local wireless security survey conducted by network security solutions vendor, Fortinet. The survey involved 103 South African organisations and follows a global survey the company conducted in June.

Both surveys found that while wireless network security is a significant concern among IT decision-makers, a large number of enterprise wireless networks are inadequately secured or not secured at all.

Presenting the local survey findings this morning in Johannesburg, Perry Hutton, regional director for Africa at Fortinet, said the survey reveals insufficient wireless security is a concern for 71% of the IT decision-makers in SA.

This is hardly surprising given that 29% of the enterprise wireless networks put in place for internal employees do not have the basic security function of authentication in place, he pointed out.

A significant 16% and 21% of enterprises respectively, overlook firewall and anti-virus security functions when it comes to wireless strategies, he added. Other security measures deemed critical to core infrastructure protection, such as intrusion prevention systems (deployed by 39%), application control (35%), and URL filtering (41%), play a part in even fewer wireless deployments.

The South African IT decision-makers said the biggest risk to their organisations of operating an unsecured wireless network is the loss of sensitive corporate and/or customer data, with 69% citing this as a concern versus 48% of global respondents.

The next highest risk, service interruption, was cited by 16% of the respondents, followed by industrial espionage (7%), non-compliance to industry regulations (5%), and damage to corporate reputation (4%).

According to the survey, 7% of the respondents said their corporate wireless networks have no controls whatsoever for their guest or visitor access. The most common form of guest security access on corporate wireless networks is a unique and temporary username and password (68%), ahead of a shared username/password (20%), and a captive portal with credentials (13%).

Wireless infrastructure governed by a premise-based controller is a thing of the present, according to the findings (56%), but this trend will change to cloud-based management as only 12% of enterprise IT decision-makers refuse to trust the cloud for such critical management in the future, Hutton explained.

He added that as the bring your own device trend becomes more widely adopted and mobile proliferation continues in SA, IT decision-makers are focusing their attention on the need for an effective wireless network and the implications for overall IT security.

Hutton also noted wireless local area networks (WLANs) are being employed to boost efficiency and offer access to employees, company guests and customers. However, in the changing threat landscape, there are significant risks posed by giving network access to untrusted guests and a multiple of unsecured devices, he said.

According to Hutton, firewall and access control are no longer enough to fully protect sensitive corporate data on WLANs and keep the devices using them secure.

"South African IT decision-makers are aware of the risks facing their businesses through unsecured wireless networks, and most feel they have taken steps to mitigate these. However, the threat landscape is evolving and attacks such as advanced persistent attacks will target multiple entry points, including the wireless network. There is no room for complacency when it comes to securing the enterprise."

Share