SmartAdvice: Driving Business Value, Enhancing Your Career

The Advisory Council suggests you consider new approaches to managing these initiatives: driving business value (and your career), PeopleSoft's viability, and Wi-Fi hot spots.

Topic C: A growing number of our salespeople and executives are starting to use public Wi-Fi hot spots. What standards or products should we use to secure these systems and connections?

Our advice: Wi-Fi hot spots are inherently less secure than a wired network or dialup access. Like the public Internet, anybody can access the network from anywhere, and with broadcast network packets, anyone with a laptop and an antenna can pick them up. The newest IEEE 802.11i security standard, Wi-Fi Protected Access, features some notable improvements over the older Wired Equivalent Privacy, but neither standard is the final word on wireless security. Unless your company has extreme security requirements, none of these issues should stop you from using the public access networks. However, taking proper precautions to reasonably secure your data reduces the risk considerably.

Related Links

Wi-Fi Alliance

Wireless Communications Association International

NIST Computer Security Resource Center

IEEE Wireless Standards

Since there's little control over a public hot spot's security methodology, the best defense is to both encrypt and secure mobile users' network packets while limiting physical access to the machines. The following practical tips won't impede very determined hackers, but it will slow them down enough so they won't bother:

  • Install and use a VPN connection to the company network to reduce data theft. They might steal your data stream, but deciphering IPSec-encrypted packets is nearly impossible. (However, a VPN isn't a perfect solution because every time the connection is lost, it must re-establish the secure handshake.)
  • Never leave a computer unattended, and install at least screensaver password protection.
  • For extra security, choose from any number of physical devices that limit access to a specific person or people. Thumbprint access and key synchronizing devices are effective, if expensive.
  • Use public-key encryption for all sensitive E-mails and other files intended for network transmission.
  • With the spread of Wi-Fi finally delivering on the promise of universal Internet connectivity, take advantage of the technology. At the same time, minimize your mobile users' risks of suffering identity or data theft by practicing good computer security hygiene.

    --Beth Cohen

    Beth Cohen, TAC Thought Leader, has more than 20 years of experience building strong IT delivery organizations from both the user and vendor perspectives. Having worked as a technologist for BBN, the company that literally invented the Internet, she not only knows where technology is today but where it's heading in the future.

    Carlos Bravo, TAC Expert, has more than 15 years of experience at the senior-officer-management level (22 years' total business experience). He's a seasoned former Fortune 500 senior executive and founder and principal of multiple companies in the technology, manufacturing, and services sectors. Experienced in all areas, from startup though management of thousands of employees and contractors, Bravo has navigated through several mergers, acquisitions, and IPOs as principal. He's recognized as an industry expert in business-process reengineering and large-scale systems integration for enterprisewide computing solutions.

    Hunter Muller, TAC President, is a respected global expert on IT business strategy, leadership, and organization development. Muller's concepts and programs have been used successfully by many companies worldwide to improve executive performance, enhance collaboration, elevate the role of IT, and align strategy across the CXX/line-of-business suite.

    Editor's Choice
    Brandon Taylor, Digital Editorial Program Manager
    Jessica Davis, Senior Editor
    Terry White, Associate Chief Analyst, Omdia
    Richard Pallardy, Freelance Writer
    Cynthia Harvey, Freelance Journalist, InformationWeek
    Pam Baker, Contributing Writer