- Are worries over wireless LANs warranted? Canadian wireless analyst Jeremy Depow notes that despite all the productivity gains to be had by using a wireless LAN (local area network) -- increased mobility, ease of use, flexibility -- many enterprises are nonetheless concerned by the potential security risk.
"The fear in general seems to be we're passing data through the air within the environment," says the senior analyst for Kanata, Ontario-based research firm Yankee Group Canada. "Can people tune in and pick them up? Are you going to lose data?" These are valid concerns, Depow adds.
The good thing, Depow offers, is that vendors are becoming more sensitive to customer concerns. "Most vendors are now anxious to get the technology perfected, to get standards set and make it available. As we go forward it's becoming more of a focus because they're hearing from their own clients and customers," Depow says.
"Wireless LANs really don't present new security challenges, rather they simply bring to the fore security issues that have always been there in the wired world," says Cisco Systems product line manager Ron Seide in Akron, Ohio. "To truly get to an enterprise level of security in terms of robustness and scalability, the existing ratified standards are inadequate."
Seide notes that Cisco is working as part of the 802.11I task force to develop proven methods for encryption. "What we're doing there is actually repurposing a number a preexisting standards or preexisting technologies to bring security to the wireless world," he says.
Seide adds that Cisco's products are fully 802.11b compatible and allow both secure and nonsecure connections on the same access point.
Targeted to medium to larger enterprises, products such as those offered by Laval, Quebec-based Colubris Networks, use embedded VPN technology to boost 802.11b security. Pierre Trudeau, founder and chief technology officer said wireless security products such as its CN1000 model extends the reach of the existing wired corporate VPN server to the wireless network.
"That way we make sure that not a single PC can attach to the access point without first setting off a secure VPN. That secure VPN allows us to taste very strong authentication and then very strong encryption using trickle desk encryption -- once we have authenticated and authorised users to connect to the network," Trudeau says.
Trudeau concedes that a lot of companies are placing a moratorium on wireless LAN projects and that wireless security is still a problem, but notes that manageability is improving and products such as those offered by Colubris will "open the gates a little bit."
Markham, Ontario-based IBM Canada Global Services information security consultant Gary McIntyre says wireless LANs should be treated as any other entrusted network. "IBM as a vendor as well as a service provider has definitely come on the side that says that wireless LANs are essentially an extension of the internet," McIntyre says. Wireless LANs will always be more dangerous than a wired, especially since it is like a hub environment where everyone is sharing the same bandwidth, McIntyre says.
"Wireless isn't quite there yet," he says, adding that IBM deploys architectures based upon static VPNs and wireless authentication gateways which allow for more roaming capabilities.
"The standards that are being developed now promise to actually fix most of the problems we've had with wireless up until now. It's just that they are being justifiably cautious in bringing those things to the market," McIntyre says, adding that enterprises planning on using wireless LANs will need to architect extra security.
Depow agrees. "It depends on the individual enterprise whether the productivity gains outweigh any potential security risk," he says. Larger enterprises with more competitive and secure data may wish the seriously evaluate the pros and cons.
"If you're small-medium business with not that much secure material and you really want to have laptops mobile around the office it's not really a problem."