Tech Guide: Wi-Fi: Security For The Masses - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Infrastructure
News
6/27/2003
01:40 PM
50%
50%

Tech Guide: Wi-Fi: Security For The Masses

A lack of effective security standards has slowed Business adoption of Wi-Fi but hasn't quashed enthusiasm for the technology. Here's what's being done about it

Tech GuideThere's no doubting the hipness of wireless hot spots. Thanks to Wi-Fi technology, tech-savvy people can jack into the Net at Starbucks coffeehouses or on Lufthansa Airlines or at upscale hotels across the nation. In corporate America, Wi-Fi has the potential to become the de facto standard for connecting mobile users to networks, despite serious security worries. New security standards on the horizon might solve some of those problems, making this hip technology far more practical.

Wi-Fi, which stands for Wireless Fidelity, is a consumer-friendly name to describe a gory set of wireless-networking standards. In the engineering world, Wi-Fi refers to a set of IEEE standards, the most common of which is 802.11b, which describes a wireless networking system with speeds up to 11 Mbps. Since the 802.11b standard was ratified in 1999, Wi-Fi use has exploded in both the consumer and business sectors.

Its pervasiveness has also spawned a widespread security risk. The standard security shipped with all Wi-Fi hardware, a system called Wired Equivalent Privacy (WEP), is somewhat of a joke in the security community. Wi-Fi's lack of security wouldn't be such a big issue if not for the way Wi-Fi LANs operate. Wi-Fi access points, the boxes that sit between wireless users and a wired LAN, broadcast their existence to the world, making them easy to locate. With a range of 100 to 500 feet, access points often give workers network access in several adjacent rooms of an office. Unfortunately, that offer sometimes extends to the parking lot and street out front as well.

Tips for Securing Your
Wi-Fi LAN
Move your access points to locations that aren't accessible from outside your building, typically closer to the center of your building
Never use the open (no security) mode, which is the default (out-of-the-box) setting of most access points
Develop a user security policy to match your security architecture. Users can defeat even the most well-planned security system
Don't use WEP, Wi-Fi's standard security mechanism. Use WPA or your VPN instead
If your access point can be administered via wireless links, turn that capability off. Administer your access point via wired connections only. Also, never use the default administrative password provided by your vendor
If your access point allows it, turn off the broadcast of the ESSID (Extended Service Set Identifier) and choose a hard-to-guess ESSID. This will make it harder for hackers to connect to your access point
Data: InformationWeek
The combination of an essentially useless security protocol implemented on promiscuous access points creates a huge potential security hole in any business' infrastructure, including home offices. While entrances to conventional wired LANs can be surgically blocked by deploying firewalls and taking other measures at specific locations, wireless LANs, based on Wi-Fi, offer access to anyone who can get physically close enough to the access point.

Wi-Fi Internet connectivity promises strong business value and convenience, so it's worth figuring out how to make it work safely. There are security options available, and upcoming standards could make them far more palatable.

In the past few years, more than a few network hardware vendors have come up with proprietary solutions for the lack of security in the 802.11b standard. They include proprietary security systems in Wi-Fi PC cards, access points, and PCI adapters. But these require that a customer use only that vendor's networking hardware. While single-vendor sourcing is common in companies, proprietary security mechanisms can be difficult to integrate into enterprisewide security systems that may include VPNs and single-sign-on authentication systems.

So how have enterprises been implementing Wi-Fi security? A common approach is to bypass WEP and use the corporate VPN to provide a secure connection over Wi-Fi links. VPNs manage data confidentiality by encrypting network traffic, but they don't always have authentication systems or access controls that work well in wireless environments, especially when the access point may be publicly accessible (like that Starbucks hot spot). If a VPN isn't set up with strong mutual authentication on both ends, users may be open to a "man in the middle" attack in which a villain on the wireless LAN, monitoring traffic to the access point, intercepts your attempts to connect to the corporate VPN and manages to masquerade as your VPN server, perhaps just long enough to steal logon credentials.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Commentary
Will AI and Machine Learning Break Cloud Architectures?
Lisa Morgan, Freelance Writer,  6/10/2019
Slideshows
9 Steps Toward Ethical AI
Cynthia Harvey, Freelance Journalist, InformationWeek,  5/15/2019
Commentary
Humans' Fascination with Artificial General Intelligence
Guest Commentary, Guest Commentary,  6/6/2019
White Papers
Register for InformationWeek Newsletters
2019 State of DevOps
2019 State of DevOps
DevOps is needed in today's business environment, where improved application security is essential and users demand more applications, services, and features fast. We sought to see where DevOps adoption and deployment stand, this report summarizes our survey findings. Find out what the survey revealed today.
Video
Current Issue
A New World of IT Management in 2019
This IT Trend Report highlights how several years of developments in technology and business strategies have led to a subsequent wave of changes in the role of an IT organization, how CIOs and other IT leaders approach management, in addition to the jobs of many IT professionals up and down the org chart.
Slideshows
Flash Poll