By Rajat Bhargava Posted April 5, 2017
Wireless rules the modern workplace, having pushed outdated wired Ethernet connections to the side. WiFi cultivates an agile workplace, promotes employee productivity, and costs significantly less. All of this makes WiFi a core IT infrastructure component for all organizations, which is why it has basically 100% market share.
The deployment of a wireless access point and connecting it to the internet is quick and easy, however, WiFi does have a downside. It can be difficult to maintain high standards of security when it comes to wireless access. Achieving true WiFi security has become one of the most crucial parts of organizing a modern IT infrastructure.
One method that drastically simplifies securing wireless network connections is a unified cloud directory platform complete with cloud RADIUS.
Your Shared Wireless Network Is at Risk
The greatest difference between WiFi and wired connections is the fact that wired networks have unique logins for each user. WiFi network is accessed using a shared SSID and passphrase.
These shared credentials are far from a secret, as they are passed out via email, written on boards, or physically copied and distributed. With guests and employees coming and going, the ability to access the shared network is fairly easy to obtain.
Whether you want them to have access or not… they do. This is a major problem.
Constantly updating your passphrase is an option, but it can be a major hassle for end users. But even if you decide you want to go through that process, there’s no promise that your key will remain secret for long. There are open source tools that can allow hackers to compromise your network with ease.
In the end, no matter what you are doing, your WiFi network is not safe when using shared credentials.
How Can You Ensure Secure Access to Your Network?
When securing your WiFI network, the easiest and most cost-effective solution is connecting and authenticating each user to the core directory service.
For access, the user is required to enter their credentials, just as they would with a wired network. This is the sole similarity, as with WiFi a user only has to use login with their unique credentials once. The supplicant software stores the login information and passes it securely to a RADIUS server, where it is then passed again to the identity provider. Once it reaches this point the credentials are verified and the user is allowed into the network.
Through this process unique and secure access for every user is ensured.
The days where a simple SSID and passphrase garnered access for a user are over when you choose to go this new, much more secure direction. Additionally, this new method allows users to enter the same credentials they use for systems and apps for the WiFi network, paving the way for true single sign-on.
The New “Set it and Forget It” World
The advantages of this approach are immense. Only authorized users will have access to WiFi. There is much less worry about hackers compromising the network and gaining visibility to internal machines. These machines rest a level deeper, making them more difficult to compromise. Even if you do not possess sensitive data on the internal network, that’s a big relief.
For end users this method benefits productivity, as you eliminate the need to send around and memorize frequent WiFi passphrase updates.
Most importantly, security is boosted and the WiFi network moves toward the ultimate goal of being a “set it and forget it” solution.
There are challenges in implementing this method. There are numerous components needed, including a RADIUS server, configured RADIUS protocol, identity provider, and arranged supplicants. Some IT organizations may be scared off by the overhead, but this path is far more secure and efficient in the long run.
Streamline WiFi with RADIUS in the Cloud
This is where JumpCloud enters to save the day. Our unified cloud directory platform features RADIUS-as-a-Service. With this solution, all you need to do is simply point your WAP to JumpCloud’s virtual cloud-based RADIUS server, which contains your users within a core unified cloud directory.
Our support of PEAP protocol allows you to never need to reconfigure laptops and desktops – all of the heavy lifting is completed as a service without you lifting a finger.
Do More, Securely, with a Unified Cloud Directory
To learn more about how Directory-as-a-Service and cloud RADIUS can save you time and improve your security drop us a line today. You can also try JumpCloud’s platform with ten free users forever and receive free support for the first 7 days so you can onboard swiftly!