The Dangers of Letting Employees/Customers Connect to Your Network
There are security issues you need to take into consideration should you allow your employees and customers to connect their own devices to your network. In this article, we’re going to explain why it’s simply a bad idea to do so while exploring some related elements such as the rise of Bring Your Own Device (BYOD), the importance of having a segregated guest network (wired and wireless) and the more advanced security features available like Network Access Protection (NAP) and client certificates.
While the dangers of introducing a system-crashing virus from, say, streaming Netflix or Spotify are slim, what happens when a greater threat is posed? We’re not talking about letting workers download their favorite Justin Bieber songs on company gadgets; we’re referring to the possibility of opening up your business’ network to malware and security breaches. You see, once employees – or customers in your store, for that matter – attach their personal devices to the corporate network, it’s critical to protect that network against viruses and other intrusions.
Consider that there could be a major denial of service because a user’s 13-year-old son visited an inappropriate website and infected their machine with a bot, which then infiltrates the corporate network and can take as long as 30 days to clean out. This is just an example, but the bottom line here is that allowing an unmanaged employee or customer device to access your network is a bit like getting unwrapped candy bars at Halloween…because, first, you don’t know where it’s been, and second, it’s kind of risky to consume it.
Enter the Bring Your Own Device Solution
Bring Your Own Device (BYOD) is a term created to describe a scenario wherein employees are using their own mobile tablets and devices in the workplace. Let’s face it: In this day and age, employees want to use their own smartphones and tablets when doing their jobs because they believe their mobile applications are necessary to get work done.
Mobile apps allow for simple and better-to-manage solutions in many instances for business owners, a reason why BYOD’s popularity has been on the rise. Additionally, BYOD can help with:
- Increased productivity
- Reduce company device costs
- Ease of transition of incoming/outgoing employee mobile access
- Improved employee loyalty
The Importance of Having a Segregated Guest Network
If you are a small business owner, you should consider creating a Wi-Fi guest network, which uses a different SSID from the wireless network that you and your employees access (thus it can be considered a wired/wireless approach). It is designed specifically to provide visitors with internet access while keeping your main Wi-Fi network separate and secure.
Opening up your network to guests means security can’t be an afterthought; secure guest Wi-Fi for business is a must. As such, we often recommend network segregation, which is important because visitors won’t be able to gain access to parts of the network used by your employees. In a similar fashion, because nearly every employee possesses at least one mobile device that they use for work, these devices represent one of the biggest attack vectors in the enterprise sector; by turning to a guest network solution, employees can connect their smartphones, tablets, etc. to a dedicated Wi-Fi network that is separate from the one used for guests and perhaps contractors.
Advanced Security Measures: Network Access Protection and Client Certificates
Microsoft Network Access Protection (NAP) is a policy-based management feature of Windows that allows a network administrator to control access to network resources. It prevents authorized users from remotely logging into the office network using computer systems that haven’t been through a security vetting process in accordance with the company’s network security policies. Think of NAP like this: Imagine foreigners allowed entry into a country without having prior knowledge of their criminal background. NAP was developed to handle these remote access threats.
Another advanced security measure businesses have been taking involves the client certificate, a type of digital authorization that is used by client systems to make authenticated requests to a remote server.
For more information about client certificates and everything else outlined in this post that can help you with network security, contact the experts at DMS iTech.