With the cost of new smartphones reaching nearly $1,000, it’s no wonder employees hold on to their old devices. Employees may not realize this means their devices are no longer getting security patches and are thus exposing them to risks. If your company follows a Bring-Your-Own-Device (BYOD) policy, which allows employees to use their own equipment, you may not want to force them to upgrade. That means you expose your network to those risks, too.
Constraints on corporate budgets similarly keep businesses from updating their networking equipment. Just like outdated phones, outdated routers expose networks to risks.
In fact, wireless networks are exposed to risk from obsolete devices both at endpoints and within the data center. Keeping your Wi-Fi secure means dealing with these threats wherever they occur.
Risks of Old Mobile Devices
The risks of old mobile devices are widespread. In fact, it’s far rarer for a phone to be up to date than out of date. Fully 90 percent of Android phones run on an outdated version of the operating system. Apple phones aren’t much better, with between 50 and 80 percent of iOS devices using outdated versions. These outdated operating systems don’t receive updates such as important security patches. As a result, the phones are vulnerable to known attacks.
While malware targeting iOS is limited, Android malware is widespread and creates a high risk. The security firm G Data discovered that Android malware is created at the rate of 8,400 new malware apps daily. Old versions of iOS expose networks to as many as 100 or more known vulnerabilities.
It’s also important to realize that there are many other wireless devices that connect to your network in addition to phones, tablets, and laptops. Devices such as wireless printers and Internet of Things (IoT) devices also communicate over Wi-Fi. Many of these devices are extremely unlikely to ever be updated with security patches.
Risks of Old Network Equipment
The risks aren’t limited to your end users’ devices. Old access points and routers within the data center introduce their own risks to your network. One survey found that half or more of networking devices are no longer supported or nearly obsolete.
These obsolete devices increase the risk of security breaches. Devices that don’t run the latest version of the 802.11 protocols can’t guarantee secure communication. The Wired Equivalent Privacy (WEP) protocol of 1999 was followed by Wi-Fi Protected Access (WPA) in 2003. WEP is now deprecated and should no longer be used; continued use of WEP in 2007 allowed a security breach that cost TJ Maxx $1 billion. Software is readily available to crack both WEP and WPA.
Current standards use WPA2, which implements the 802.11i standard and uses a 256-bit key for enhanced security. Some hardware needs firmware upgrades to support the standard. Devices that don’t support WPA2 should be replaced. Without strong Wi-Fi security, data may be intercepted and the risk of a distributed denial of service (DDoS) attack is increased. You should also be aware that using WPA2 doesn’t guarantee security; there is at least one known vulnerability.
Risks of Old Phone and VoIP Equipment
Modern IP telephony and unified communications allow voice communication to travel over multiple networks, so taking security measures is vital to ensure privacy. Old equipment may not easily integrate with existing firewalls or may be vulnerable to DDoS attacks. As with other old equipment, lack of support and lack of patches mean ongoing vulnerability to known threats.
More than Security Risks
The risks of allowing old devices and old equipment to use your wireless network go beyond security. Old devices often have lower performance rates and lack the latest features, resulting in lower productivity and preventing you from responding effectively to new business opportunities. Out-of-date devices also have higher ongoing operational costs. This makes it more difficult for your IT team to effectively support users while distracting the IT team from work that provides real business results.
Address the Risks of Outdated Devices on Your Network
To reduce the risks caused by outdated devices, you need to prevent old devices from connecting to your network and make sure that connected devices have the latest security updates installed. These approaches can help:
- Have a BYOD policy that defines users’ responsibility for keeping their mobile devices current. Use mobile device management or enterprise mobility management software to define the devices and operating systems allowed to connect to your network. For safety, phones should be used only as long as the manufacturer supports new versions of the operating system on that model, and users must install the updates. Apple generally offers support for its phones for about five years after their release. Android phones are produced by a large number of manufacturers who have their own policies. It’s best to limit Android phone use to no more than about three years.
- Create an IoT policy similar to your BYOD policy to define permitted IoT devices.
- Implement a process for tracking end-of-life and end-of-vendor support dates for business-owned devices like switches and routers. Allot time and funds for upgrading devices as these dates grow near.
- Implement a process for tracking firmware and software security patches and use automation to ensure they are deployed across all devices in your data center.
- Use tools such as wireless intrusion prevention systems or wireless intrusion detection systems to enforce security policies. Use firewalls to segment your Wi-Fi network from the rest of your network.
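The age limits and end-of-support tracking described in the list above can be applied to a device inventory automatically. The following is an added example, not code from the original article; the record fields, the verdict names, and the 180-day planning window are assumptions made for illustration.

```python
from datetime import date

# Limits from the article: about five years (Apple) and three years (Android).
MAX_PHONE_AGE_YEARS = {"ios": 5, "android": 3}
EOL_WARNING_DAYS = 180  # assumed planning window; the article gives no figure

def older_than(released, years, today):
    """True when `released` lies more than `years` years before `today`."""
    return (today.year - years, today.month, today.day) > (
        released.year, released.month, released.day)

def audit(dev, today):
    """Return (verdict, reasons); verdict is 'ok', 'plan' or 'block'."""
    block, plan = [], []
    if dev["kind"] == "phone":
        limit = MAX_PHONE_AGE_YEARS.get(dev["os"])
        if limit is None:
            block.append("OS not on the permitted list")
        elif older_than(dev["released"], limit, today):
            block.append(f"model older than {limit} years")
        if not dev.get("os_current", False):
            block.append("OS updates not installed")
    else:  # business-owned gear; wired devices carry no wifi_modes field
        days_left = (dev["end_of_support"] - today).days
        if days_left < 0:
            block.append("past end of vendor support")
        elif days_left <= EOL_WARNING_DAYS:
            plan.append(f"end of support in {days_left} days")
        if "WPA2" not in dev.get("wifi_modes", {"WPA2"}):
            block.append("no WPA2 support")
    verdict = "block" if block else "plan" if plan else "ok"
    return verdict, block + plan

# Constructed sample inventory; names and dates are illustrative only.
INVENTORY = [
    {"name": "phone-a", "kind": "phone", "os": "android",
     "released": date(2020, 3, 1), "os_current": True},
    {"name": "phone-b", "kind": "phone", "os": "ios",
     "released": date(2021, 9, 24), "os_current": True},
    {"name": "ap-lobby", "kind": "access_point",
     "end_of_support": date(2024, 9, 30), "wifi_modes": {"WEP", "WPA"}},
    {"name": "core-sw", "kind": "switch", "end_of_support": date(2024, 8, 1)},
]

if __name__ == "__main__":
    today = date(2024, 6, 1)  # fixed so the output is reproducible
    for dev in INVENTORY:
        print(dev["name"], *audit(dev, today))
```

A "plan" verdict marks equipment to budget for before its support date arrives, while "block" marks devices that should not be on the wireless network in their current state.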
Schedule a network audit from CTC Technologies to identify the risks present in your network and create a plan for securing your network.