We Don’t Trust You
It’s still remains uncommon for organizations to have a guest network – particularly smaller ones. When there is no guest network, guess which network everyone and their brother will join? Although this might not seem like a big security risk, primary network passwords are often shared which leads to inappropriate devices in your secure work zone.
“Guess which network everyone and their brother will join?”
We have a responsibility as IT professionals to balance productivity and security in networks. One of the reasons we need to protect the secure network in an organization is because the network needs to be thought of as a safe place. There might be new equipment getting set up or installed, or new software being tested, and it’s important that we isolate that network from the Internet.
Putting an insecure device on a secure organization network might provide an opening for malicious software to exploit. In larger corporate networks and with networks that have a high IT budget, we can secure those networks from any unregistered device getting onto it, but this is an ideal scenario, particularly for small business.
Don’t Make Employees the Gatekeeper
In the real world, in small businesses and many medium-sized businesses, the capabilities and technical and budgetary requirements are limited, so there’s still a lot of human approval and decision-making in this process. Given the choice between connecting an unsanctioned device to a corporate network versus missing out on some personal need for managing our life or family, we may slip and just want to get that device on the corporate network.
Now, if a guest network had been available for that employee, they would have had a much easier decision because we could have met their need to get online while maintaining the security of the network.
The good news is that creating a guest network is fairly inexpensive, but it’s an often-overlooked piece of setting up a new office. It’s important that if a small office is going to be established, or if you’re going to move into a new office, you buy enough capability in the networking equipment to support a guest network. This is not always intuitive, and managers or owners may purchase equipment without realizing it doesn’t have this feature.
Why We Need to Roll Out a Red Carpet
Most of the technology that allows for a guest network has a specific kind of technical implementation, whereby it’s not just a separate network but is set up securely so that individual devices on the guest network can’t talk to or see one another. The network can’t be scanned, and therefore if there’s a vulnerability on a particular device—maybe because there’s malware installed or a network scanning app—it reduces the risk of that vulnerability being exploited.
“Don’t make your employees connect to the café downstairs“
Keep in mind that although we might be providing a secure channel to the Internet and being a good citizen, behind the scenes, many guest networks—like those at airports and hotels—may be unsanctioned and snooping on you. Don’t make your employees connect to the café downstairs.
A guest network provides an outlet for your employees and guests, which helps them stay productive and make everyone secure.
Scott Morabito is a technologist and founder of TechTonic. He is a computer scientist and resides in Concord MA
