Although wireless networking holds great promise for extending and mobilizing the 24/7 connected world we've all become accustomed to, it obviously comes with a wide variety of manageability and security headaches for IT departments. Two of the biggest problems IT administrators currently face are protecting mobile users who are now connecting to public wireless hotspots and keeping well informed about the latest standards and techniques for securing wireless LANs.
The public wireless problem
More and more wireless networks now beckon the unwary road warrior. So it's become vital for administrators to take responsibility for the mobile workers carrying company data out into the connected world of airports, high dollar coffee shops, hotels, and restaurants and taverns—many of which now allow users to connect their laptops and/or PDAs to the Web using wireless public networks.
If you've never given this a thought before, consider how little your laptop-equipped users are aware of the dangers of logging on to any random network they encounter in their travels. At a bare minimum, you need to educate them about the threat these open networks pose. You may also need to scrub their systems of any critical unencrypted corporate data they are carrying around.
Just as companies are coming to realize how dangerous unfiltered access to the Internet is in the office, IT professionals as well as users must start viewing public wireless networks as a wilderness where many systems could become easy prey for attackers. After all, why should a hacker go to all the trouble of breaking into a corporate network when an open wireless network provides easy access to a corporate system? From there, an attacker can, for example, plant a Trojan or raid corporate data stored locally on the system.
A well-configured firewall is essential for any laptop that has wireless capabilities—regardless of whether the person carrying it has any confidential information—because, at a minimum, they may pick up a Trojan, a virus, or other malicious software and later transfer it to the company network.
Keep up with WLAN security
Securing your own wireless network can be a much bigger challenge than guarding your mobile users, and this is due both to weak security offerings and a confusion of standards in the wireless field. In fact, most wireless vendors ship their offerings with encryption turned off and/or with very weak security settings as part of the default configuration.
Even with encryption turned on, a Wi-Fi network is inherently insecure because the encryption used is weak. Forcing your users to use encryption locally will at least prevent the average script kiddie—who just got a laptop as a birthday present—from penetrating your system by doing little more than walking past your office building. The effort to encrypt your WLAN may also provide a good legal, if not technical, defense against serious hackers taking over your network for illegal purposes.
Although configuring an open wireless LAN has become so simple that virtually anyone can do it, securing one is a major challenge worthy of the time and talents of a top security expert.