Subscribe to industry newsletters

Search jobs

Insufficient security a concern for IT decision makers

Insufficient wireless security is a concern for 71% of the information technology decision makers (ITDMs), according to a new survey from Fortinet, the global leader in high-performance cyber security solutions.

Insufficient security a concern for IT decision makers
©Rancz Andrei via 123RF
This is hardly surprising, given that 29% of the enterprise wireless networks put in place for internal employees, do not have the basic security function of authentication in place.

A significant 16% and 21% of enterprises, respectively, overlook firewall and anti-virus security functions when it comes to wireless strategies. Other security measures deemed critical to core infrastructure protection, such as IPS (deployed by 39%), application control (35%) and URL filtering (41%), play a part in even fewer wireless deployments.

Most common features

When considering the future direction of their wireless security strategies, 56% of ITDMs said they would maintain focus on the most common security features - firewall and authentication - while demand for more security is emerging with 22% prioritising complementary technologies - IPS, anti-virus, application control and URL filtering - to guard against the full extent of the threat landscape.

Other survey highlights include:

• South African ITDMs said the biggest risk to their organisations of operating an unsecured wireless network is the loss of sensitive corporate and/or customer data, with 69% citing this as a concern (vs 48% of global respondents). The next highest risk, service interruption, was cited by 16% of ITDMs, followed by industrial espionage (7%), non-compliance to industry regulations (5%) and damage to corporate reputation (4%).

• 7% of ITDMs polled said their corporate wireless networks have no controls whatsoever for their guest or visitors access. The most common form of guest security access on corporate wireless networks is a unique and temporary username and password (68%), ahead of a shared username/password (20%), a captive portal with credentials (13%).

• Wireless infrastructure governed by a premise-based controller is a thing of the present according to the findings (56%) but this trend will change to cloud-based management as only 12% of enterprise ITDMs refuse to trust the cloud for such critical management in the future.

Of the cloud-ready respondents, 47% would want to use a private cloud infrastructure for wireless management and 53% would outsource to a third party managed services provider. 20% of those considering outsourcing would only do so provided it is hosted in the same country, leaving 33% happy to embrace wireless management as a public cloud service regardless of geography.

Aware of risks

"South African IT decision makers are aware of the risks facing their businesses through unsecured wireless networks, and most feel they have taken steps to mitigate these. However, the threat landscape is evolving and attacks such as advanced persistent attacks will target multiple entry points, including the wireless network. There is no room for complacency when it comes to securing the enterprise," Perry Hutton, regional director for Africa at Fortinet, said.

The findings come from an independent survey of over 100 South African ITDMs at more than 250 employee organisations in different sectors including financial services, public sector, health, retail, travel and leisure, manufacturing and construction, FMCG, telecoms and technology. All respondents were sourced from independent market research company Lightspeed GMI's online panel.

Let's do Biz