Wireless local area networks (LANs) are becoming more prevalent in Los Angeles financial advisory firms, offering a level of worker mobility and access flexibility that wired connections do not support.
But wireless connections are also more likely to be compromised, so keeping them secure is essential to protect customer data and comply with regulations.
This article reviews a set of wireless access best practices that can establish a sound basis for data security and industry required compliance.
Identify Potential Threats
To properly protect wireless LANs, a firm’s IT team needs to understand the threats that the industry faces. According to the FBI, hackers stole 500 million financial records between October 2013 and 2014. While cyber-espionage caused 22 percent of the financial record thefts, 35 percent were attributable to website breaches.
Once existing and potential vulnerabilities are identified and patched, a protocol for WLAN security auditing can be established. This can be accomplished using a list of authorized access points, their locations and users, and the security steps that each one needs to observe.
Maintain a continual lookout for rogue wireless APs, unauthorized clients, reconnaissance and attack traffic, and other potentially dangerous abnormalities.
Apply Access Restrictions
Implement a reliable WLAN authentication method. WPA2-Enterprise, also known as 802.1X, is both strong and reliable. If guest internet access is offered, the traffic it produces should be segmented off and logged to minimize risk.
Keep Endpoints Secure
A stolen smartphone or breached tablet/laptop can allow a hacker to enter the corporate network using an authorized WLAN connection. Enroll all mobile devices should in an MDM (Mobile Device Management) program that allows their settings to be controlled and updated remotely.
Ideally, these programs should include remote access commands such as find device, lock device, and wipe contents.
WLANs are more of a challenge to secure than regular wired LANs. Establishing wireless access best practices can be a bit of a balancing act, even after carefully analyzing a firm’s needs and risks: any restriction can inconvenience legitimate activity. However, keeping confidential corporate and client information safe from hackers on an ongoing basis is both an obligation and a necessity.
Does your firm have a set of wireless access best practices established? Do you feel that they serve their purpose well? Let us know your thoughts in the Comments box below.
And to follow-through on the tips introduced in this short article, be sure to download your free guide, Investing in High Net Worth Clients: The LA Investment Advisor's Guide to Using Technology to Manage and Grow Your Firm.