Guest blog post by our Partner Aerohive
As the demand for mobility continues to increase, and Wi-Fi quickly is replacing Ethernet as the primary access layer, many organizations are facing new security challenges. This is especially timely with the greater demand for access from an ever-increasing number of guest and BYO-devices.
Of course, it’s not only user-driven devices that are connecting wirelessly. Organizations are seeing a larger array of intelligent systems and services – think Internet of Things (IoT) – that require access to the network for better management, control or efficiency, including lighting, air-conditioning and surveillance systems. And many of those systems are using Wi-Fi for convenience.
As a result of the mobility explosion, organizations are now hitting a crossroads when trying to plan for both secure and flexible network access. With a variety of users and devices craving connectivity, it is of course a difficult balance. IT wants to offer users the freedom to connect and roam; however, that must not come at the expense of network security.
The problem for many organizations is that “simple” and “secure” are not two words that are typically associated with one another.
For organizations to retain control of their mobility infrastructure while providing a better user experience, context is king: who, what, where, when, Wi-Fi.
Organizations need to understand:
- Who is connected
- What devices they can use to connect
- Which apps they are permitted to use
- Where they are able to roam
Once that intelligence is available, it is much easier to drive security policies at the edge of the network and start to open the doors to the variety of devices that are knocking.
Such a context-focused approach, however, should be seamless to the user. All of this control should be taking place in the background. In the foreground, the user should be able to connect to the network with just a couple of clicks, whether a trusted corporate user, a welcomed guest, or a BYO device.
That means that organizations must provide a simple authentication method, which will vary in type between the various user and device types. However, the authentication method chosen must provide identity, because without identity, you cannot have context, and without context, you cannot have control.