Businesses and organizations of all types are deploying wireless access for their guests.  Coffee shops, schools, libraries, shopping centers, restaurants, and hotels are just a few examples of places where patrons expect free Internet access.  For some organizations, wireless guest access is as simple as a trip to the nearest discount store, a consumer grade access-point, and a few minutes of setup time.  Some companies will even add a separate Internet connection to segregate their guest traffic from their business network.  But are these methods enough to meet the expectations of their guests while protecting their business?   Let’s examine just a few of the risks associated with wireless guest access:

  • Bandwidth hogs – A single download or streaming media by a small number of users can make the Internet connection unusable for the rest of your guests.  If your business shares an Internet connection with your guests, your business applications could also suffer.  Having the ability to limit bandwidth and prioritize applications is just as important as a strong wireless signal.
  • Wi-Fi freeloaders – Bandwidth is getting cheaper but it still isn’t free.  Most organizations are not in the business of providing free Internet access to their local neighborhood.  A guest network should limit users without making it too difficult for your guests to get connected.
  • Dual-homed hosts – Many devices now come standard with wired and wireless network interfaces.  A system on the protected business network could connect to the unsecured guest network and provide hackers a backdoor into the business network.  Protected business assets should be restricted to secured networks only.
  • Filter bypass – Employees may connect to the guest network in order to bypass web filtering and data-leak prevention controls which are typically deployed on the protected business network.    The guest network should provide visibility and alerting to potential attempts to bypass network security controls by protected assets.
  • Unauthorized or unlawful activity – An organization is still liable for the activity sourced from their Internet connection regardless if it is separated from their business network or not.  A rouge system attached to the wireless network could be utilized to attack other systems or host illegal content.  The guest network should have the ability to track potential incidents back to the original source.

Providing reliable wireless access for your guests while keeping your business network secure doesn’t have to be difficult or expensive.  Contact the professionals at RSM to review your wireless needs and learn more about today’s wireless solutions.