Spiceworks†announced the results of a new survey that examines how businesses are securing their data and devices on corporate and public Wi-Fi networks. The†results show†IT professionals consider IoT devices the most vulnerable to Wi-Fi-based attacks, yet 50 percent of organizations have IoT devices connected to their Wi-Fi network. The findings indicate that although organizations are taking steps to increase Wi-Fi security, many IT professionals aren’t confident in their ability to keep corporate data secure on IoT devices.
Among IoT devices, 52 percent of IT professionals believe IP-enabled controllers, such as smart lights and thermostats, are very to extremely vulnerable to Wi-Fi-based attacks, followed by IP-enabled appliances (49 percent), video equipment (42 percent), and electronic peripherals (40 percent), such as connected projectors. Additionally, more than 35 percent of IT professionals believe wearables and sensors are highly vulnerable. However, according to Spiceworks research, only†36 percent of IT professionals†are confident in their ability to respond to cyberattacks on IoT devices.
“While adoption of IoT devices is increasing in the workplace, many IT professionals are still wary of connecting these often un-patchable devices to corporate Wi-Fi networks,” said†Peter Tsai, senior technology analyst at Spiceworks. “To make matters worse, the recent revelation of Wi-Fi exploits, such as the†WPA2 KRACK attack, have called security mechanisms into question that were once assumed to be relatively secure. As a result, some organizations are delaying the adoption of IoT devices and holding out hope that the forthcoming WPA3 protocol might improve Wi-Fi security.”
Apple devices considered least vulnerable to Wi-Fi based attacks
The survey also revealed the perceived Wi-Fi risks associated with traditional computing devices is much lower, particularly among Apple products. Only about 19 percent of IT professionals believe Apple laptops, tablets, and smartphones are very to extremely vulnerable to Wi-Fi based attacks, compared to about 30 percent who believe Windows and Android devices are very to extremely vulnerable.
In terms of how organizations keep their wireless devices secure, the results show the majority of organizations use security protocols (e.g., WPA2), provide a separate Wi-Fi network for guests, implement strong passwords on networking devices, and use strong SSID network names. Fewer organizations encrypt data on their wireless networks (17 percent) or use digital certificates for Wi-Fi authentication (12 percent).
Nearly half of IT professionals believe corporate data is unprotected on public Wi-Fi
Although the vast majority of organizations provide employees with access to Wi-Fi in the office, the survey reveals employees in 61 percent of organizations connect company-owned devices to public Wi-Fi networks when working outside the office in hotels, airports, cafés, and other public places. However, 92 percent of IT professionals have concerns about the security risks of using public Wi-Fi on company-owned devices, and only 55 percent of IT professionals are confident their organization’s data is adequately protected when employees connect to public Wi-Fi networks
In fact, 12 percent of organizations have experienced a security incident involving employees on public Wi-Fi while 34 percent aren’t sure because incidents may have gone undetected or unreported. Additionally, only 63 percent of IT professionals are confident employees at their organization use a VPN when connecting company-owned devices to public Wi-Fi.
To help employees avoid using public Wi-Fi altogether, the results show 45 percent of organizations provide remote workers with mobile hotspot technology, but on average, only 13 percent of employees are remote, working outside of the office for a majority of their week. In other words, the results indicate that employees who occasionally use public Wi-Fi outside the office are often left unprotected.
The majority of IT professionals welcome any changes that might improve Wi-Fi security. In fact, in a recent†Spiceworks poll, 53 percent of IT professionals are confident the upcoming WPA3 protocol will make Wi-Fi networks more secure.