Home » Magazine Archives » August 2005
Security Technology Executive
Most Read
Most Emailed
E-mail Article
Print Article
Wide Open Wi-Fi
The Latest from SIW
Mace to launch dealer program, acquire central station Basics of establishing an employee ID badging system The security week that was: 1/02/09 The top 40 security stories of 2008 Homemade bombs force evacuations in Aspen, Colo. Toronto wraps up municipal surveillance pilot project
By D.E. Levine, CISSP, CFE, FBCI, CPS
Security Technology and Design
You know you have to protect your wireless networks from hackers, but you also have to protect it from your employees … and yourself.
Recently I visited a friend of mine, a top attorney dealing in privacy compliance and litigation. As she sat at her wireless laptop with her trusty Palm Pilot and cell phone nearby, I asked her how she secured her wireless devices. “I have no idea,” she replied. “The firm gave me this laptop fully loaded with a wireless card and 30 minutes of training. No one explained anything about wireless security.”
“But you deal in privacy violations,” I said. “Aren’t you afraid that someone might illegally access your laptop or one of your other wireless devices and get information that's supposed to be private?”
“I haven’t really spent any time thinking about that,” said my friend. “After all, we have a security administrator who takes care of all of that, and since I’m totally ignorant about all things technical, it’s probably better if I don’t get involved.”
Companies are increasingly adopting wireless communications for their employees. The security administrator is responsible for securing communications, but wireless options offer employees a plethora of ways to circumvent security policy, intentionally or unintentionally. That’s bad news when most employees, like my lawyer friend, remain uneducated or undereducated about the possibilities of security violations.
The Wireless Threat
Simply by being airborne, your WLAN opens itself to intruders and attacks. The 802.11 standard from the Institute of Electrical and Electronics Engineers (IEEE) defines the physical layer and media access control (MAC) layer for WLANs. All the base stations, or access points to the network, communicate with each other using the 802.11, or Wi-Fi, protocol. It operates at a 2.4-GHz frequency that is unregulated by governments and that the walls of buildings cannot completely constrain.
According to Rob Markovich, president and CEO of Network Chemistry, “Malware and hackers target WLANs because they are the new low-hanging fruit of the IT world. It’s relatively easy to exploit an open AP or divert a laptop to a hacker’s wireless device.”
