An organization’s wireless network is the weakest link in the IT security infrastructure, according to a worldwide survey of more than 1,490 IT decision makers at organizations with 250 or more employees. The study was sponsored by Fortinet.
All respondents were sourced from independent market research company Lightspeed GMI’s online panel. Almost all (92 percent) said that insufficient wireless security is a concern for CIOs.
Nearly half of IT decision makers (48 percent) said they consider loss of sensitive corporate or customer data the biggest risk of operating an unsecured wireless environment. Seventy-two percent said they have adopted a cloud approach to management of their wireless infrastructure and 88 percent trust the cloud for future wireless deployment.
In addition, 43 percent said they provide guest access on their corporate wireless networks, and 13 percent of these organizations do so without any controls whatsoever.
The survey found that 37 percent of global IT decision makers do not have the most basic wireless security measure of authentication in place.
A significant 29 percent and 39 percent of enterprises overlook firewall and anti-virus security functions in their wireless strategies. Other security measures deemed critical to core infrastructure protection, such as IPS (deployed by 41 percent), application control (37 percent) and URL filtering (29 percent), play a part in even fewer wireless deployments.
Just under a quarter (24.9 percent) said they find wireless networks the
“
most vulnerable,
”
but only 15.2 percent find the core network infrastructure the
“
most vulnerable.
”
Almost two-thirds of respondents consider wireless networks
“
highly vulnerable
”
, and 41.2 percent find core network infrastructure
“
highly vulnerable
”
.
Nearly half (49.9 percent) of respondents deploy wireless networks for adoption of new technology or innovation, but just 15.4 percent deploy those networks for increased network security.
It
’
s a strikingly low percentage, given that 47.5 percent of respondents named loss of sensitive corporate or customer data as the biggest risk of operating an unsecured wireless network.
In addition, the survey found 57.5 percent of respondents don’t provide visitor or guest access on their corporate wireless networks, although more than three-quarters (76.1 percent) said they allow employees to use their own personal devices on corporate networks, and 51.3 percent say that employees can access sensitive corporate data with their personal devices.
However, 45.7 percent say employees cannot access corporate data on personal devices, and just 3 percent said they are unsure or don’t know.