Wi-Fi is a broadcast methodology, which makes it inherently insecure, and it’s beamed outside the intended use area in over 95 percent of cases. Even if the network is ‘hidden’, someone with minimal networking expertise and technology can sit outside a building and connect to most networks using readily available tools.
The security risks were highlighted last autumn when a researcher in Belgium discovered the KRACK vulnerability, which enables attackers to break WPA2 encryption. Even HTTPS can be bypassed in some situations. The good news is that some devices such as up-to-date Windows PCs are already protected, and manufacturers are working on patches for both wireless access points (APs) and clients.
True Wi-Fi security requires encryption and access controls, which add a significant cost. Virtual Private Network (VPN) will encrypt all network traffic and thus make it invisible to prying eyes, but requires a client on the edge device. You can use technology to encrypt wireless data from the port out, but this needs even more care to maintain security. Even some solutions which purport to be secure send the password in open text, leaving themselves open to a determined intruder.
The second challenge is configuring your wireless network. The larger the building, the more complex network planning becomes. Problems include building construction, which can create blackspots; contention between APs, which results in devices constantly dropping and restarting connections; and small wall spaces, as the AP signal bounces between them and signal strength can be reduced drastically.
You also have to content with interference from external sources such as microwaves, car alarms, Bluetooth, baby monitors, phones and amateur radio, as all of these also use 2.4GHz. This can be countered by changing channels, adjusting settings, or switching to the less crowded 5GHz. This also offers more channels and as a higher frequency provides higher speeds, so it’s recommended for video and deemed ‘essential’ for 4K streaming. However, wall and floor penetration are significantly reduced, so you’ll need more APs.
Most of these issues can be managed with effective planning before implementation and by configuring the performance of each AP. However, it has time and cost implications which many businesses do not anticipate, and wireless connectivity complicates troubleshooting. In one instance Fordway spent ten days investigating Wi-Fi drop-out in a 24x7 call centre. After trying multiple workarounds to enable PCs to work consistently, we reverted to a wired solution.
It's also worth noting that promised Wi-Fi speeds should be treated with caution. In theory Wi-Fi supports higher speeds than physical cabling, but contention with other users and connection latency means that the user will never see the quoted speeds.
This doesn’t mean businesses should avoid Wi-Fi altogether. However, most buildings have a reasonable standard of physical cabling which you should use for the majority of corporate communications to ensure security and guarantee availability. Wi-Fi can then be installed for guests, segregated from the rest of the network. It has advantages for roaming and occasional use but isn’t something organisations should rely on for the majority of network traffic.