Home & Office

Security concerns hamper corporate Wi-Fi

Firms that are unconvinced about the wisdom of installing an 802.11b network may find their employees decide to rectify the situation with a trip to the electronics store.
Written by Graeme Wearden, Contributor
The booming enthusiasm for wireless connectivity among office workers is proving a headache for IT managers.

At a debate at the NetEvents European Press Summit last week, industry figures warned that firms who are reluctant to install a corporate Wi-Fi network because of concerns over security and scalability may find that staff take the matter into their own hands.

"The main security problem with wireless comes when an employee buys an access point at (consumer electronics chain) Dixons and plugs it into an insecure wired network," said Brice Clark, director of worldwide strategic planning for HP ProCurve. "The point that many people miss is that the first stage in creating a secure wireless network is to create a secure wired one."

Insecurity is Wi-Fi's vulnerable underbelly. While a wireless LAN can give workers high-speed connectivity away from their desk, it can also create a weak point in the corporate IT system. This is because the Wired Equivalent Privacy (WEP) algorithm, Wi-Fi's security protection, isn't particularly robust--not forgetting that, until recently, Wi-Fi kit would be often shipped with WEP turned off.

According to Richard Webb, European network and WLAN analyst at Infonetics Research, security is still the No. 1 factor deterring firms from embracing wireless. "The industry has work to do to address these concerns," said Webb, who believes that media perceptions about wireless insecurity have "set the market back a bit".

Webb also said that WLANs aren't proving popular with large corporations. "WLANs aren't being adopted at the highest level. When we ask why, we're told that people have concerns about scalability--both in terms of cost and network management," said Webb, explaining that major firms with large premises are daunted by the task of rolling out the 100 or more access points needed to achieve blanket Wi-Fi coverage.

Wi-Fi is a rare example of a technology that is moving from the home to the office, rather than in the other direction. This means that, in some cases, rank-and-file employees are more convinced about its benefits than their IT manager or chief information officer.

"This is still early days for enterprises in their approach to wireless," said Webb. Very few firms have moved to 802.11a, which is faster than the earlier 802.11b standard. "802.11b is adequate for most wireless deployments today, and that's because enterprises are only using their WLANs for a few basic applications," Webb added.

For a firm that doesn't believe there is a business case for installing a Wi-Fi network and risking compromising their security, the danger is that unauthorised access points will be secretly installed by staff. Can this be avoided? "IT managers could always put a password on their laptop's BIOS and disable Centrino," joked Angelo Lamme, international business development manager for 3Com's wireless operations.

Editorial standards