Rogue and insecure Wi-Fi access points are increasingly posing a threat to the security of corporate networks.
One of the main worries about wireless security is users unwittingly accessing insecure or malicious wireless networks when they are out of the office, according to a survey this week. And 10 out of the 12-strong CIO Jury IT user panel, organised by ZDnet UK's sister site silicon.com, agreed that Wi-Fi security is a major concern.
Gavin Whatrup, group IT director at marketing services company Creston, said his organisation has taken the decision not to install a wireless infrastructure until the security elements of Wi-Fi have matured.
We can typically see up to three or four foreign wireless networks from some of our offices and these are often unsecured
Christopher Linfoot, IT director, LDV Group
He said: "While Wi-Fi will never be completely secure, the options available to mitigate the risk continue to develop. Until this happens, and the price drops, we will bide our time."
The danger of employees connecting to rogue Wi-Fi networks is a serious concern, according to Christopher Linfoot, IT director at the LDV Group.
He said: "We can typically see up to three or four foreign wireless networks from some of our offices and these are often unsecured. We are planning a wireless overlay to our network to provide controlled wireless access and give visibility and a degree of control over rogue networks."
Nicholas Bellenberg, IT director at UK publisher Hachette Filipacchi, said his organisation does not have any wireless connectivity in the office due to a strict security policy, but admitted there are potential issues as more people work remotely.
He said: "The fact that staff have laptops and PCs at home, generally connected wirelessly to their home ADSL connections, is an issue that we need to probe further but, to date, we have taken comfort from our Cisco VPN software and the other corporate security provisions all doing their stuff when these users need to connect to our network."
Peter Birley, IT director at Midlands law firm Browne Jacobson, said wireless is just another network security issue: "They all require proactive policies and continual monitoring. Wireless just adds to that complexity."
Talkback
Mobile access should be what it says. Meaning, mobile access from anywhere, any place, any device.
Don't limit yourself to restricted areas that offer some sort of WiFi, HotSpot or whatever. That's not real mobile.
Besides, WEP is cracked in minutes nowadays. Oh, you didn't now that? Well, how well do you get informed. Is there anything better then WEP available nowadays? Yes, but can your equipment etc deal with it? Likely not.
Real mobile is getting the same sort of access no matter where you are. GPRS, UMTS and/or HSDPA is what you're looking for. At flat fee, unlimited and unrestricted agreements, though. Don't use anything else. Once that consumer message is broadcasted you'll see telco's tumbling over each other to get your account at more then reasonable prices (that's called: free market, innovative competition in a equal opportunity market). Until then, pay at least three times more for a quarter of what you could have had. Yes, accepting what's advertised, not thinking for yourself, as the sheep you are, is the best way to ensure paying double for half. "But everyone else is doing that" is the mantra PR departments globally want you to repeat over and over again. Another milking cow added to the flock is what they'll think with a big grin on their face. And yes, your trusted external consultant and account managers might be dead against thinking for yourself and flood you with FUD reports as to why not, but how commercially motivated towards you are they really?
In short, security 101, anything not explicitly allowed is explicitly forbidden. Threat anything externally as a compromised connection until proven guaranteed otherwise. Once you've learned how to distinguish between a real compromised external connection and an elaged one you're on your way to true secured remote connections. And those do not include whatever external connections through limited area's like VPN, WiFi and HotSpots.
The thing you're looking for is a solution that's really secure no matter where your remote client, employee or customer is at that moment of time, despite how they connect and with what. And works everywhere without price or other differences.