Nothing frustrates users more than a slow or inconsistent connection. It's understandable, but it’s even worse if their security was compromised. That is the situation that faces many companies battling to provide both a usable and secure wireless network.
How do organizations provide their users (employees) with the best possible experience while offering the proper network security necessary to protect its most important assets? It feels like an impossible task to balance the two but it can be done.
So how do you do it?
Do you prioritize productivity or security?
Many businesses and campuses are striving to maximize their user’s productivity. They want their time to be worry-free and without issue. On the flip side you have the IT department and security leaders who want to add layers of security to prevent threats and mitigate risks.
Unfortunately in a lot of cases security polices go too far and the wireless network performance is compromised instead. It's a no-win situation in many ways. The IT staff is trying to do their job, but if either outcome happens, a security breach or a poor performing Wi-Fi network, their employment is at risk.
The bottom line is that both network security and performance should be a priority—which means you have to figure out your organizations "acceptable risk". Again, how do you do it? Here are a few things to think about.
- Ask yourself, “What level of security is secure enough?”
- What is considered good performance? In other words, how much productivity does your situation require?
- Where is the point where your protection becomes inhibitive?
It’s all about finding that critical point where introducing more security starts to hurt your organizations performance.
Let’s look at endpoint security for an example.
Most endpoint security strategies have anywhere from 3-5 security agents on the them, maybe more. You might have started with anti-virus and then added a firewall or upgraded your endpoint to include a firewall.
Now you’re adding in encryption (which of course has its own agent) and while you’re at it, why not throw in some remediation tools and finally some DLP critical asset management.
Basically you end up with support issues and an overloaded endpoint that will grind your network to a standstill.
But we have to do this right; after all we’re talking about security here.
Wrong! Security tools should never stand in the way of getting your job done, period.
Suggested Reading - "3 Ways Role Based Access Control Helps Network Security"
An approach to striking the perfect balance
Unfortunately, just as fast as the world can come up newer, more effective and secure networks, someone figures out how to get through them. Bad things will most likely continue to happen. However, you do the best you can.
Here are a few steps you can take to create a proper balance.
Step 1: Determine your high-value assets. Ask yourself what is the most critical when it comes to a legal, business and compliance point-of-view.
Step 2: Lay out what it is your business is trying to get done. In simple terms, what are your needs?
Step 3: Figure out a strategy. Find out what it takes to have the right level of productivity while providing an acceptable level of security.
Step 4: Test your strategy. Make sure it works during your highest demand—you'll know whether it's right or not. If it's not, then fine-tune until it is.
Step 5: Do it again and again. As you've probably already figured out, change is constant. You will need to revisit these steps on a regular basis to stay up with the times in order to maintain the right balance.
The truth is it takes both users and those concerned with network security to perfect the process. You can't find the balance if you aren't validated by one or the other.
What you're trying to do is apply the right amount of security, have the right level of usability, all while keeping the level of risk at an acceptable level.