How to Strengthen Your Enterprise Wireless Network Security

Mainstream wireless, especially e-mail and Personal Information Management, plays a prominent role in today's business world. However, many of the associated security risks of wireless are often difficult for IT professionals to get a grip on. Conflicts arise when trying to avoid enterprise wireless network security breaches while also trying to control wireless costs. Knowledge Center contributor Dan Croft explains how to strengthen your enterprise wireless network security.


Today, businesses of all sizes are concerned with corporate data being exposed due to lapses in wireless device security. With expansions to a mobile user base, companies must recognize wireless security as a valid concern.

The consequences of lost or stolen information can ultimately be detrimental to an enterprise. In fact, in this troubled economy (where many companies are essentially disappearing overnight), mass layoffs result in an increased likelihood that unprotected company data could get into the wrong hands.

Ensuring that all handheld devices are password-equipped and wiping devices clean of information after employees leave a company are two ways to help minimize some of the basic security-related anxiety. A company must, however, consider the additional loopholes. Essentially, security in the wireless space can be viewed in three categories: connectivity, data packets and IT policy enforcement. Let's take a closer look at all three categories.

Security category No. 1: Connectivity

Connectivity deals with how the mobile device connects to a company's mail/application servers. Some of the areas you want to take a look at include the specific firewall requirements, as well as the type of connection. For example, do you use a VPN or SSL (Secure Sockets Layer) connection? VPNs will encrypt traffic; SSL connections only handle traffic that is HTTP application-specific.

Do you know who has the ability to see data on your server? The optimal situation would be that only the IT administrators can alter and maintain IT policies. This would involve having control over the transfer of information among company servers, as well as the type of data a specific device can access.

Server data could possibly be susceptible to threats if a firewall port is opened directly into the mail server. Hackers can easily crawl into the server via this vulnerable port. Although one option involves the implementation of a front-end server, it only minimally protects the data. A better option would be a DMZ (Demilitarized Zone) that has both internal and external firewalls (see chart below).