As IT organizations continue to look for ways to step up their security efforts, the network is an area of constant scrutiny. Sys admins and IT directors alike recognize that insecure WiFi networks are a common attack vector. No one is looking to go back to wired ethernet. The wireless network has been an incredibly positive change for organizations. But there’s no denying that WiFi can also be a security risk as well. Especially with the recent vulnerability in the WPA2 protocol, many in IT are wondering if there is an Active Directory as a Service solution that does RADIUS authentication.
This discussion has two layers that we need to make sure we understand. The first layer is looking into what is the best way for IT admins to secure WiFi infrastructure. The second layer is how to implement secure WiFi infrastructure as a cloud-hosted service. So let’s begin by taking a look at what IT can do to protect their wireless networks.
Securing WiFi Networks
WiFi networks are typically secured with a single, shared SSID and passphrase. But this approach has proven to be both insecure and inefficient when it comes to providing access to your organization’s wireless network. If your shared SSID or passphrase is complex, there’s a good chance of it regularly being written down or shared on whiteboards. Both of these scenarios present an opportunity for anybody who has access to your building to see the SSID or the passphrase. In some cases, the WiFi signal reaches the building next door, the parking lot, or the sidewalk. So when a person obtains the SSID or passphrase, they don’t even have to be in the office to gain access to the organization’s network. Besides security risks, securing WiFi networks with SSID’s or passphrases is also inefficient. When people join and leave the organization, the passwords and phrases have to be rotated each time, and this adds overhead and frustration both to admins and to the end users just looking to do their jobs.
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Natalie Bluhm. Read the original post at: https://jumpcloud.com/blog/active-directory-service-radius-authentication/