Almost One-Third of Enterprises Found Lacking Basic Wireless Security
The new survey from Fortinet® , the global leader in high-performance cyber security solutions, reveals that insufficient wireless security is a concern for 71% of the Information Technology Decision Makers (ITDMs); hardly surprising given that 29% of the enterprise wireless networks put in place for internal employees, do not have the basic security function of authentication in place.
A significant 16% and 21% of enterprises respectively, overlook firewall and anti-virus security functions when it comes to wireless strategies. Other security measures deemed critical to core infrastructure protection, such as IPS (deployed by 39%), application control (35%) and URL filtering (41%), play a part in even fewer wireless deployments.
When considering the future direction of their wireless security strategies, 56% of ITDMs said they would maintain focus on the most common security features – firewall and authentication while demand for more security is emerging with 22% prioritizing complementary technologies – IPS, anti-virus, application control and URL filtering – to guard against the full extent of the threat landscape.
Other survey highlights include:
• South African ITDMs said the biggest risk to their organisations of operating an unsecured wireless network is the loss of sensitive corporate and/or customer data, with 69% citing this as a concern (vs 48% of global respondents).
The next highest risk, service interruption, was cited by 16% of ITDMs, followed by industrial espionage (7%), non-compliance to industry regulations (5%) and damage to corporate reputation (4%).
• 7% of ITDMs polled said their corporate wireless networks have no controls whatsoever for their guest or visitors access.
The most common form of guest security access on corporate wireless networks is a unique and temporary username and password (68%), ahead of a shared username/password (20%), a captive portal with credentials (13%).
• Wireless infrastructure governed by a premise-based controller is a thing of the present according to the findings (56%) but this trend will change to cloud-based management asonly 12% of enterprise ITDMs refusing to trust the cloud for such critical management in the future.
Of the cloud-ready respondents, 47% would want to use a private cloud infrastructure for wireless management and 53% would outsource to a third party managed services provider. 20% of those considering outsourcing would only do so provided it is hosted in the same country, leaving 33% happy to embrace wireless management as a public cloud service regardless of geography.
Perry Hutton, Regional Director for Africa at Fortinet, said: “South African IT decision makers are aware of the risks facing their businesses through unsecured wireless networks, and most feel they have taken steps to mitigate these. However, the threat landscape is evolving and attacks such as advanced persistent attacks will target multiple entry points, including the wireless network. There is no room for complacency when it comes to securing the enterprise.”
The findings come from an independent survey of over 100 South African ITDMs at 250+ employee organizations in different sectors including financial services, public sector, health, retail, travel & leisure, manufacturing & construction, FMCG, telecoms & technology. All respondents were sourced from independent market research company Lightspeed GMI’s online panel.