Three Wireless Trends Impacting Enterprise Security In 2022
It’s a bold statement, but I predict every enterprise organization will be impacted by one or more of three key wireless trends in the next 18 months.
When we hear “wireless,” most of us will immediately associate it with “Wi-Fi” — the 802.11 WLAN standard we know, (usually) love and use daily both at home and in the office. But wireless encompasses so much more than just traditional Wi-Fi, and the burst of digital transformation combined with enterprises’ escalating security demands is proving ripe for the emergence of novel wireless use cases and, therefore novel, sometimes repurposed, wireless technologies.
Here’s a look at the top three wireless trends that I believe will shape the face of network security architecture in the enterprise.
New Wi-Fi Standards And Security
While wireless extends beyond it, Wi-Fi is still the leading technology for our hyperconnected and very mobile world, so it’s worth noting two significant changes every organization should be prepared for, starting with the new Wi-Fi security standard.
Our dirty little secret in Wi-Fi is that we’ve been limping along with the same security standards for 15 years — eons in the context of the rapid advancements in cryptography and security protocols. Announced in early 2018, the latest Wi-Fi Protected Access version (WPA3) is just now making its way through all the enterprise Wi-Fi products. The new security standard brings several notable improvements for enterprise security architecture, including all three types of networks: enterprise-secured (802.1X), pre-shared key (PSK-based networks) and open networks for guest portals.
In addition to much better application of cryptography, stronger algorithms, forced mutual authentication and even encryption for open guest networks, the new security suite promises enhanced resiliency by securing Wi-Fi management traffic and preventing downgrade attacks that are common vectors for both penetration testers as well as malicious attackers.
The good news is, WPA3 is designated for continuous improvement, ensuring organizations will have enhanced protection and new security controls as the threat landscape changes. The bad news is, taking advantage of WPA3 has some gotchas when transitioning from legacy WPA2 — meaning security and IT leaders will need to ensure their architects are well educated and trained on the newer technology.
Also, for IT teams considering the latest Wi-Fi 6E technology (6th generation Wi-Fi, 802.11ax, over the newly-opened 6GHz spectrum), WPA3 holds a special meaning, as it will be required for those deployments; there will be no backward compatibility or transition modes for security.
Ultimately, WPA3 addresses countless vulnerabilities and is something your organization should explore and implement as soon as you can, but it does take thoughtful planning and coordination. There’s no “easy button” here.