 |
|
The Road to Security
By
Anthony O'Donnell
August 10, 2006
Wi-Fi Threats
Widespread use of Wi-Fi adds another dimension of underappreciated vulnerability, according to Bob Egan, research director, emerging technologies, TowerGroup (Needham, Mass.). "There's almost no end to what can be done when people use unsecured Wi-Fi with the cooperation of ignorant IT professionals failing to establish a security perimeter beyond the company's physical border," he says.
Simply imposing a no-Wi-Fi policy is worse than ineffectual, since more than 90 percent of laptops are now issued with wireless capability, to say nothing of a host of handheld devices, according to Egan. To protect against Wi-Fi-related vulnerability, he recommends, companies need to deploy wireless intrusion detection systems (IDSs) and intrusion prevention systems (IPSs). "At the very minimum, the security provided for people sitting at their desks on the corporate campus should be mirrored by the security you provide remote workers," Egan comments. Unfortunately, "In the case of Wi-Fi, that's almost never the case," he adds.
UnumProvident (Chattanooga, Tenn.; $7.8 billion in premium income) had a no-Wi-Fi policy in place for several years, but also took measures to detect the use of rogue devices, according to Chris Bursch, the carrier's vice president of IT risk management. However, both visitors to the corporate campuses and internal staff pressed for wireless Internet capability. The solution, he relates, was to install Wi-Fi capabilities along with a variety of controls.
"We implemented a Wi-Fi network that connects to the Internet but not to our network, and in the areas where we do have Wi-Fi and other wireless internally, we put a significant private key encryption structure on it," Bursch says. Thus, even if an unauthorized person were somehow able to tunnel into UnumProvident's VPN, and even if the intruder managed to get a legitimate user's ID and hacked the password, "They also have to figure out the physical encryption key," Bursch explains. "That's very difficult to do."
|
|
|
|
|
|
|
|
|
|
 |
|
We've got some great Web events coming up, hosted by editors in the FinanceTech network. They're informative, industry-focused, and free to attend. Sign up for the real-time eventŭin order to ask questions, or just browse through our library of past Web eventsŭto bolster your knowledge of banking.
|
|
|
|
|
|
|
|
|
