By Rajat Bhargava Posted October 4, 2016
The world has shifted to WiFi.
It’s so ubiquitous that we have WiFi on planes now.
No longer do IT admins need to hire contractors to pull cable at their offices or do it themselves. Add in the fact that you can leverage cloud infrastructure platforms, such as AWS, and you don’t need to even rack servers anymore, let alone manage Ethernet connections. WiFi networks have made a significant difference in the world. With the positive, though, come drawbacks. One of those issues is WiFi security.
The Internet Café Model Serves Up Weak WiFi Security
Unlike the wired connection, WiFi networks can be ‘seen’ for a wide range around the access point. It’s actually the point of WiFi, but unfortunately, that means that others can see your network as well. We’re talking about those above, below, and to the side of you. In fact, it isn’t hard for a hacker to camp out in your parking lot and hijack your connection. WiFi security has been largely considered weak and ineffective. Even with better encryption technology, many IT admins are concerned about WiFi security. As well they should be.
A common refrain on the topic is that there is next to nothing hosted on-premises anymore. Laptops and desktops connect into the network, but cloud servers, critical applications, and confidential data are all hosted elsewhere. While this is true, this belies the fact that access to those critical IT resources is often from devices that are on the WiFi network. An unauthorized user that is on the same network as your users poses a significant risk. Even mediocre hackers can find entry points to your machines if they have unfettered access via a common network. Our question to IT admins has been, why take the risk? Instead of treating your network like an Internet café, treat it like the secure network it should be.
Brewing a Strong Directory-as-a-Service Use Case
The truth is that the reason organizations choose the Internet café model is that it is hard and time consuming to add WiFi security. It takes time and money, and both are in short supply in IT. The good news is that there is a better way to do this and not spend a great deal of time and money. An important use case for JumpCloud’s Directory-as-a-Service® platform is WiFi security. The smartest way to protect your WiFi network and subsequently your users and critical IT resources is to connect WiFi access to unique credentials. This is done via RADIUS and connected to your directory services. However, this is where the rub comes in for IT. Standing up and managing RADIUS infrastructure, connecting it to the core directory service, and then adding supplicants to devices is time-consuming and arduous.
You eliminate all of this overhead with JumpCloud’s Directory-as-a-Service. The cloud-hosted directory service from JumpCloud® comes with a fully managed cloud RADIUS infrastructure and a built-in unified cloud directory. In addition, no special supplicants are needed. Simply point your wireless access points to JumpCloud’s RADIUS-as-a-Service infrastructure, and it does the rest for you. Your user’s core credentials – whether those are unique to your organization or you leverage Google Apps or Office 365 – are tied to for WiFi access. Now, a hacker must not only break into your WiFi network, but they must also know one of your user’s credentials. That’s a tall order and will likely convince a hacker to move along to an easier target.
Perfect Blend: Cloud RADIUS and Cloud Directory
WiFi security is an important step to take for today’s networks. JumpCloud’s Directory-as-a-Service platform is designed to support and enhance WiFi security. Its RADIUS-as-a-Service functionality saves IT organizations significant amounts of time and resources. If you would like to learn more about how JumpCloud’s cloud RADIUS capability can increase your WiFi security, drop us a note. You are invited to connect your WAPs up to JumpCloud to see for yourself. Go ahead; try leveraging your GApps or O365 credentials for WiFi access. Your first 10 users are free forever.