Lousy security? You could be breaking the law

Businesses in Westchester County, NY, that don't use minimal security on wireless networks that handle customer data will soon be in violation of a new law.
Written by ZDNet UK, Contributor

Local government officials are taking the need for wireless security into their own hands this week as Westchester County, NY, home of White Plains-based IBM passes a law requiring businesses that use wireless networks to handle sensitive customer data to secure their networks properly, internetnews.com reports:

But local tech firms are dubious the law will do much good, and could make things worse by creating a false sense that the most basic security measures are adequate.

"Overall, it's a step in the right direction, but how much of an impact it has on altering Wi-Fi usage habits for the business and consumer remains to be seen," Chuck Conley, vice president of marketing for Boston wireless security firm Newbury Networks, [said.] "Strong authentication and encryption combined with Wi-Fi security technologies will ultimately be the best remedy for keeping the bad guys off the network while protecting users from connecting to unauthorized devices."
And some question the legality of the law:
“As much as the local government thinks they're doing the right thing by enforcing some sort of wireless security, is it really within their rights to do so?” said Doug DiNunzio, senior product manager for Bluesocket in Burlington, Mass.

Complying with the law could give a business a false sense of security since some of the security precautions suggested are easily defeated, he added. It would be more effective and useful to bundle an education process along with the legislation, or at least require businesses that violate the new law to take a class to bring them up to speed on security.

Editorial standards