Tech Guide: Wi-Fi: Security For The Masses - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Infrastructure
News
6/27/2003
01:40 PM
50%
50%

Tech Guide: Wi-Fi: Security For The Masses

A lack of effective security standards has slowed Business adoption of Wi-Fi but hasn't quashed enthusiasm for the technology. Here's what's being done about it

Tech GuideThere's no doubting the hipness of wireless hot spots. Thanks to Wi-Fi technology, tech-savvy people can jack into the Net at Starbucks coffeehouses or on Lufthansa Airlines or at upscale hotels across the nation. In corporate America, Wi-Fi has the potential to become the de facto standard for connecting mobile users to networks, despite serious security worries. New security standards on the horizon might solve some of those problems, making this hip technology far more practical.

Wi-Fi, which stands for Wireless Fidelity, is a consumer-friendly name to describe a gory set of wireless-networking standards. In the engineering world, Wi-Fi refers to a set of IEEE standards, the most common of which is 802.11b, which describes a wireless networking system with speeds up to 11 Mbps. Since the 802.11b standard was ratified in 1999, Wi-Fi use has exploded in both the consumer and business sectors.

Its pervasiveness has also spawned a widespread security risk. The standard security shipped with all Wi-Fi hardware, a system called Wired Equivalent Privacy (WEP), is somewhat of a joke in the security community. Wi-Fi's lack of security wouldn't be such a big issue if not for the way Wi-Fi LANs operate. Wi-Fi access points, the boxes that sit between wireless users and a wired LAN, broadcast their existence to the world, making them easy to locate. With a range of 100 to 500 feet, access points often give workers network access in several adjacent rooms of an office. Unfortunately, that offer sometimes extends to the parking lot and street out front as well.

Tips for Securing Your
Wi-Fi LAN
Move your access points to locations that aren't accessible from outside your building, typically closer to the center of your building
Never use the open (no security) mode, which is the default (out-of-the-box) setting of most access points
Develop a user security policy to match your security architecture. Users can defeat even the most well-planned security system
Don't use WEP, Wi-Fi's standard security mechanism. Use WPA or your VPN instead
If your access point can be administered via wireless links, turn that capability off. Administer your access point via wired connections only. Also, never use the default administrative password provided by your vendor
If your access point allows it, turn off the broadcast of the ESSID (Extended Service Set Identifier) and choose a hard-to-guess ESSID. This will make it harder for hackers to connect to your access point
Data: InformationWeek
The combination of an essentially useless security protocol implemented on promiscuous access points creates a huge potential security hole in any business' infrastructure, including home offices. While entrances to conventional wired LANs can be surgically blocked by deploying firewalls and taking other measures at specific locations, wireless LANs, based on Wi-Fi, offer access to anyone who can get physically close enough to the access point.

Wi-Fi Internet connectivity promises strong business value and convenience, so it's worth figuring out how to make it work safely. There are security options available, and upcoming standards could make them far more palatable.

In the past few years, more than a few network hardware vendors have come up with proprietary solutions for the lack of security in the 802.11b standard. They include proprietary security systems in Wi-Fi PC cards, access points, and PCI adapters. But these require that a customer use only that vendor's networking hardware. While single-vendor sourcing is common in companies, proprietary security mechanisms can be difficult to integrate into enterprisewide security systems that may include VPNs and single-sign-on authentication systems.

So how have enterprises been implementing Wi-Fi security? A common approach is to bypass WEP and use the corporate VPN to provide a secure connection over Wi-Fi links. VPNs manage data confidentiality by encrypting network traffic, but they don't always have authentication systems or access controls that work well in wireless environments, especially when the access point may be publicly accessible (like that Starbucks hot spot). If a VPN isn't set up with strong mutual authentication on both ends, users may be open to a "man in the middle" attack in which a villain on the wireless LAN, monitoring traffic to the access point, intercepts your attempts to connect to the corporate VPN and manages to masquerade as your VPN server, perhaps just long enough to steal logon credentials.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Commentary
Study Proposes 5 Primary Traits of Innovation Leaders
Joao-Pierre S. Ruth, Senior Writer,  11/8/2019
Slideshows
Top-Paying U.S. Cities for Data Scientists and Data Analysts
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/5/2019
Slideshows
10 Strategic Technology Trends for 2020
Jessica Davis, Senior Editor, Enterprise Apps,  11/1/2019
White Papers
Register for InformationWeek Newsletters
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
Slideshows
Flash Poll