WiFi is no longer a "nice to have" option within enterprises -- it's now the primary form of connectivity for many users. While a wired Ethernet connection is generally faster and more reliable, it forces users to be tethered to their desks. Add to that the fact that smartphones, tablets, and many ultraportables are WiFi-only, and you begin to understand why enterprise WiFi is becoming such a critical part of the overall network infrastructure.
But even though your users may demand a reliable and easy-to-use wireless network, your IT department may not be able to deliver it. There are several reason for this. First, the wireless network may be poorly designed, not maintained properly, or simply in need of an overhaul. Second, policies and procedures surrounding how users and devices gain access to WiFi networks may be poorly written or completely absent, leaving users to figure them out for themselves. Finally, issues can stem from users expecting far more out of the WiFi network than the organization is willing to pay to give them.
In this slideshow, we'll look at eight common enterprise WiFi shortcomings that stem from one or more of the issues discussed above. So while some problems can be fixed by better procedures and/or documentation, others require complete overhauls of the current network in order to fix technical or architectural problems. But any way you look at it, they're all problems that need to be addressed. WiFi in the enterprise is still gaining in popularity, so enabling it should be a top priority.
Please click ahead to review our list of common WiFi weaknesses. If you'd like to add to our list or propose ways to reduce a nagging WiFi issue mentioned, we'd love to hear about it in the comments section below.
(Image: Dean Drobot/iStockPhoto)
Changing WPA/WPA2 Pre-Shared Keys
The most secure and easiest way for users to gain access to enterprise WiFi networks is to configure WPA2-Enterprise with 802.1X authentication. On many devices (such as Windows PCs), 802.1X authentication is transparent. When users login to their PC with their Active Directory username and password, these same credentials are used to authenticate them via 802.1X on the wireless network. The beauty here is that when users are forced to change their AD passwords every few months, it makes the wireless network more secure.
There are situations, however, where companies do not fully integrate 802.1X authentication. Instead, devices authenticate with what are known as pre-shared keys. These are essentially static passwords that are entered into devices to act as authentication. The problem is, the shared key is often not kept secret for long. Employees share it with people that shouldn't have access. This is a major security issue. Additionally, changing keys on all devices is typically a manual process that can become a nightmare to maintain.
(Image: Cisco Meraki blog)
Poor Guest WiFi Onboarding Processes
Most companies I walk into these days have some form of guest WiFi access. Guest WiFi allows untrusted users/devices to access/authenticate to the corporate WiFi, but only have access to the public Internet.
While many companies have guest WiFi capabilities, actually figuring out how to gain access can be a challenge. Instead of having a simple, streamlined process, I find that few employees actually understand how to onboard guests. And finding someone who can help set up a guest account often takes more time than it's worth.
One of the most difficult WiFi architectural challenges in my career was attempting to design a stable wireless network on the 23rd floor of a building located in downtown Chicago. The building was 40 stories tall and each floor had a different occupant. And of course, each had its own wireless network. Additionally, wireless signals from surrounding buildings bled into my space, causing a tremendous amount of congestion on the 2.4- and 5-GHz spectra where WiFi operates. The only way to combat congestion is to perform a thorough wireless site survey and use enterprise-grade WiFi equipment that can detect frequency congestion and adjust channels on the fly. But even using these tactics, congestion can cause a great deal of headaches both for end users and IT staff supporting the WiFi network.
Inconsistent Experience At Remote Sites
When companies have a centralized headquarters and multiple remote sites, the WiFi experience can vary greatly from one location to the next. And if employees have to travel between locations where wireless connection processes and capabilities differ, these differences are as noticeable as night and day. So while it's not always possible to have a completely uniform solution that works identically across all locations, it should at least be as close as possible. Your users will really thank you for it.
Not Enough Capacity
Legacy WiFi networks were designed and deployed to provide the best wireless coverage using the fewest number of wireless access points (APs) as possible. This was done to cut down on costs. But now that WiFi is used so much, legacy networks are suffering from overcapacity. Too many users connected to the same AP can dramatically reduce performance. And if parts of your network are becoming congested, it can bring wireless throughput to a standstill.
Too Many SSIDs
There are legitimate reasons for companies to broadcast more than one SSID on a wireless network. Almost always you'll see an SSID for employees and a second for guest user access. But more often than not, I see several more SSIDs broadcasted for other purposes. This isn't necessarily a big deal if they are being used for legitimate purposes. But once you get beyond five or six SSIDs broadcasted, you start to confuse your users about which one they should be connecting to at any given time with any given device.
In public areas such as convention centers, airports, and schools, users must go through a Web-based splash screen for authentication purposes. While this is all well and good, the splash screen experience can vary widely depending on what device you're connecting with. Sometimes the splash screen does not properly display or even show up at all. Other times, users are forced to re-login after an hour or two of use, which can be irritating.
In 2015, having a WiFi dead spot inside the office -- even while riding in an elevator -- is not considered acceptable. Wireless signal strength can change over time due to frequency congestion, physical obstructions, and other environmental factors. It's important to regularly perform surveys to verify the absence of dead spots and to act on user feedback regarding the locations of potential dead spots.