Wireless technology in small and mid-sized businesses has introduced a tremendous amount of flexibility in terms of allowing workers to be increasingly mobile and not tethered to a desk. While this has had a positive impact on productivity, it has opened glaring security holes that administrators of wire-based networks did not have to address.
In a survey conducted by INT Media Research, more than half of businesses admitted they had experienced at least one type of security incident involving a wireless local area network (WLAN) during the past year. One third of businesses that reported a breach of their WLANs failed to strengthen their security policies after the attacks.
Some of the biggest vulnerabilities are posed by rogue access points. Rogue access points are set up when someone installs technology, such as wireless routers, without the knowledge or approval of the company's network manager. These breaches can also occur when someone from outside an office installs an access point to get free Internet access or to hack the network.
Rogue access points cause pain
These types of rogue access points can cause small and mid-sized businesses a lot of pain. Proprietary information could become vulnerable to hackers or data thieves. And it's not only your wireless network that is vulnerable. These tricks are used even more commonly on wireless networks in public or quasi public environments -- such as an airport or cafÃ© — and fool users into logging on and divulging sensitive personal and financial information that can be used in identity theft.
Large enterprises may have huge teams of IT and security personnel to identify and protect against rogue access points. Smaller companies, without access to these resources, must develop a more cost effective approach to the solution.
"The problem is that the technology has become so easy to implement that the average user is not aware of security problems," says Michael Markulec, executive vice president, technology and operations, Somerset, N.J.-based Lumeta Corporation. "This wasn't the case five years ago. It's becoming easier to buy this technology and a lot easier to install. As the demand for information continues to grow, we will continue to see the proliferation of wireless networks'¦ and hence potential problems."
Technology can help reduce risks
For large enterprises, Wi-Fi has become more secure over the years, says Carl Blume, of Colubris Networks, of Waltham, Mass. "The number of risk areas has decreased significantly." But small and medium sized businesses are constantly at risk.
Blume notes that it's critical for small and mid-sized businesses to select the appropriate infrastructure for security purposes. With small IT staff and limited budgets, small businesses may be tempted to buy consumer-grade security products. Blume says that these types of products will not support the level of security that's necessary.
Lumeta's product, IPSonar, administers a test for rogue access points that scans the network to identify wireless access points that may be attached to the network.
Colubris' product, RF Manager, is a wireless intrusion prevention system of servers and wireless sensors that continuously scan the airwaves and provide automatic protection against unauthorized WLAN activity. RF Manager detects and prevents threats from rogue and mis-configured access points.