Nittoor Software Research Corporation
The following scenarios have become extremely common today in the modern workplace.
Companies have employees who are into remote work and hybrid work.
Companies also have road warriors such as travelling salespeople.
Employees access corporate data through their corporate laptops, personal laptops and personal mobiles.
Many corporate cloud-based SaaS subscriptions with lesser reliance on apps running on internal corporate network than before.
This has created several issues for companies and their employees.
Security, safety, and integrity of corporate data: Can a company’s IT decide remotely in real-time (through a machine learning algorithm) whether a particular Wi-Fi network is safe to connect for an employee outside of the workplace and restrict or deny access if the Wi-Fi network is unsafe for corporate and personal laptops and personal mobiles that are used to access company data or enforce security standards or encryption in other cases?
Wi-Fi end user experience: Wi-Fi in homes has become extremely important, especially during the pandemic with increasingly sophisticated use cases such as uploading and downloading of huge amounts of data to and from the cloud, video calls with screen sharing, video streaming services such as Netflix and gaming. Wi-Fi in homes might not be optimally configured or might be slower due to inter-channel interference.
Reliability of the Wi-Fi connection: Frozen screens during video calls or audio problems.
Security of the Wi-Fi connection: The Wi-Fi network used by the employee might not be secure.
Reliability of mobile signal for making a phone call for a road warrior, remote worker or hybrid worker.
Non-reliability of the available mobile signal causes dependence on Wi-Fi calling. If the Wi-Fi network that is connected to by the employee’s device is insecure, that opens the corporate data on the employee’s device to greater risks.
Nittoor Software Research Corporation is developing CheckmySignal cloud software platform and CheckmySignal app for the future of work.
CheckmySignal app will run on personal devices running iOS or Android, Windows, Linux or MacOS personal or corporate laptops/computers that communicate with the CheckmySignal cloud software platform.
Corporate IT can set security policies for the minimum level of Wi-Fi security for each kind of data/application through the CheckmySignal cloud platform and the Checkmysignal mobile app on iOS, Android and CheckmySignal app on Linux/MacOS/Windows will ensure that corporate data remains protected.
There is no threat to personal security or privacy from CheckmySignal since this is not an employee remote monitoring solution. But corporate IT will have the complete list of Wi-Fi networks accessed through employee’s devices used to access corporate data.
Keeping Corporate data safe
Single sign-on through CheckmySignal app on Android/iOS and Windows/MacOS/Linux to entire corporate environment including all SaaS applications, corporate data. The CheckmySignal app acts as a CASB (Control access service broker) for all apps linked to the employee’s corporate identity on each device. Corporate IT approves the SaaS apps that the employee has access to, the devices that each employee has obtained approval for and the SaaS apps that each device linked with each employee.
Corporate IT shall have the ability to inspect, configure, mandate & manage control/mandate security policies of remote network of employees, restrict access to corporate data (files, emails, intranet sites) if security level of the Wi-Fi network is not good enough, add additional encryption to data being synchronised with the cloud based on security issues found in the Wi-Fi environment and security policies set up by corporate IT and conduct regular remote worker corporate and device security audit. Remote deletion of corporate data on a device is possible and unauthorized replication of corporate data on devices would be enforced on all devices including personal mobiles.
Based on level of security or lack thereof of the Wi-Fi network, a level of encryption is decided based on policies set by corporate IT. Encryption is handled by CheckmySignal app on the device and the decryption shall be done by the CheckmySignal cloud software platform on the same cloud platform used by the SaaS app. Some examples of scenarios and possible decisions based on the settings by corporate IT are as follows.
Insecure Wi-Fi (no encryption): File sharing disabled, email access with an additional layer of 256-bit encryption through CheckmySignal and corporate cloud access disabled.
Not very secure Wi-Fi (WEP): File sharing disabled, email access and corporate cloud access with additional layers of 192-bit encryption through CheckmySignal.
Secure Wi-Fi (WPA3): File sharing enabled, email access and corporate cloud access with an additional layer of 128-bit encryption through CheckmySignal.
Secure Wi-Fi network hopping while keeping corporate data safe: Many of the devices connect to various Wi-Fi networks in an ad hoc manner. By using machine learning, our technology will select the best Wi-Fi network or the mobile data network that the employee has access to from a security and speed perspective, while also satisfying a set constraint for the available mobile data limit. Encryption levels will be dynamically increased or decreased based on corporate IT’s set policies for security levels of the Wi-Fi network. This is important for keeping corporate data safe since this functionality ensures that the device does not automatically connect to an insecure Wi-Fi network and pose a threat to security of corporate data.
Employee Wi-Fi experience
Employees would be able to obtain Wi-Fi signal heatmaps of the immediate vicinity of where they are working and improve the Wi-Fi coverage.
Optimal configuration of corporate provided Wi-Fi router to using machine learning that detecting issues in the current configuration and reduction of range to fit the required area for better security so that the Wi-Fi network becomes less accessible to potential intruders.
Signal heatmap generation for mobile data for employees on the field. Employees would be able to obtain mobile heatmaps of the immediate vicinity of where they are working with information on the direction that they need to move for better signal. This has great significance for a road warrior or a travelling sales person.
Wi-Fi diagnosis: User choice based automated switching to an alternate Wi-Fi network or mobile data if any instability arises in current Wi-Fi network for seamless work. The CheckmySignal cloud software platform will constantly check the health of the Wi-Fi connection and in the event of any issue will automatically switch the device to a secondary Wi-Fi identified by the user/employee which could also a tethered Wi-Fi network that is powered through mobile data thus making reducing the risks due to an outage.
Workplace Wi-Fi optimisation
Secure sharing of Wi-Fi network credentials in corporate premises: Easy method to share/push the Wi-Fi SSID (network name) and password (while keeping it completely unknown) to any user using a combination of the CheckmySignal cloud software platform and CheckmySignal mobile app on iOS, Android and CheckmySignal app on Linux/MacOS/Windows. Easy method to un-share the network credentials on the device and hence remove access after a pre-defined interval of time.
Wi-Fi management: Automated configuration of public Wi-Fi networks with a secure password with secure sharing and un-sharing of credentials.
Signal heatmap generation for office and suggestion for location of additional APs (Access Points): Improve Wi-Fi coverage in the plant/office by signal heatmap generation and AP placement.
Comparison with competition
To the best of our knowledge, there is no single product or solution available in the marketplace that addresses the range of issues that CheckmySignal cloud software platform and the CheckmySignal app solve for the future of work. Broadly, there are three kinds of offerings in the marketplace that might appear to have some overlap – VPN, traditional cloud security providers, and traditional Wi-Fi improvement solutions.
VPNs: VPNs are a very legacy and inefficient approach to data security that makes corporate data vulnerable to threats. Though corporate VPNs do provide some level of protection to data on corporate laptops, they typically do not protect corporate data on personal laptops and personal mobiles.
Traditional cloud security providers: Traditional cloud security providers do not increase encryption levels when a device connects to insecure Wi-Fi.
Traditional Wi-Fi improvement solutions: Traditional Wi-Fi improvement solutions such as mesh networks improve the home Wi-Fi coverage to some extent and are not direct competitors to us.