In this guest blog our Partner Aerohive explores how to enable mobility while protecting your WLAN.
With the ever-increasing demand for mobility, and wireless rapidly replacing Ethernet as the primary access method onto the network, organizations are cautious of the security challenges that lie ahead.
This is especially true given the demand for access from a growing number of guest and BYO- devices.
Of course it’s not only user-driven devices that are connecting wirelessly. Organizations are seeing a larger array of intelligent systems and services – think Internet of Things (IoT) – that require access to the network for better management, control or efficiency, including lighting, air-conditioning, and surveillance systems. And many of these systems are utilizing Wi-Fi for convenience.
As a result of the mobility explosion, organizations are now hitting a crossroads when trying to plan for both secure and flexible network access. With a variety of users and devices craving connectivity, it is of course a difficult balance. IT wants to allow users the freedom to connect and roam, however this must not come at the expense of network security.
The problem for many organizations is that simple and secure are not two words that are typically associated with one another.
For organizations to retain control of their mobility infrastructure while providing a better user experience, context is king. Who, what, where, when, Wi-Fi. Organizations need to understand:
- Who is connected.
- What devices they can use to connect.
- Which apps they are permitted to use.
- Where they are able to roam.
- Once this intelligence is available, it is much easier to drive security policies at the edge of the network and start to open the doors to the variety of devices that are knocking.
This context-focused approach, however, should be seamless to the user. All of this control should be taking place in the background. In the foreground, the user should be able to connect to the network with just a couple of clicks, whether a trusted corporate user, a welcomed guest, or a BYO device.
This means that organizations must provide a simple authentication method, which will vary in type between the various user and device types. However, the authentication method chosen must provide identity, because without identity, you cannot have context, and without context, you cannot have control!