Having a guest network for people visiting your organization to log onto can be essential for the modern organization. In fact, many customers and visitors have come to expect this level of service, particularly if the visitor will be staying for any length of time, or be expected to provide any information. Even the most innocuous services are accessible only by internet, and many times buildings and facilities get in the way of personally provided 4 G service.
But providing internet access through a guest network doesn’t come without risks. If not executed properly, guest networks can cause major vulnerabilities for your wider network and company services. Guest networks are also potentially a serious source of resource drain, and if not properly monitored can be a source of liability as well.
Here are 3 vulnerabilities caused by improperly managed guest networks:
1) Unless the guest network is properly filtered, it’s possible for guest network users to access inappropriate stuff that may disturb other users. An example of this happened recently in Michigan where a substitute teacher accidentally showed students pornographic content streamed from an unfiltered web.
2) Guest devices often will not adhere to the security standards of an organization. Often casual users don’t have the latest security updates installed, or anti-virus installed. This could lead to these devices spreading malware on the internal network if proper protections are not in place.
3) These devices could be used to bring down a network or hack resources on the network if the end-user has malicious intent and is technically savvy.
Protecting yourself and your network against these kinds of scenarios comes down to a few simple preventative measures. Ensure that guest networks are isolated from the rest of your networks with the use of VLANs or ACLs. Make sure those networks are protected with some kind of gateway anti-malware and web filtering, since the devices themselves are beyond your control. And finally, have a plan in place in case the worst does come to pass. Techtarget have an article with a 10 step response plan for data breaches which also applies in this case.
For more information about Smoothwall’s web filtering and gateway anti-malware powered by BitDefender, please contact us.
Our specially developed technologies deliver real-time Dynamic Content Analysis™ of web pages, all without impacting on the users’ experience.