By John Pescatore, Gartner, Inc.INCREASING COMPUTER and information security is a top technology priority in 2005 for CEOs, CFOs and CIOs, according to Gartner research. Another high priority is “mobile workforce enablement,” which means implementing wireless technologies used in offices, factory floors, warehouses, retail outlets and anywhere else employees and customers interact with business computing systems.However, wireless technologies can create security vulnerabilities in a manufacturing network and the business systems to which the network is connected. Therefore, your enterprise technology managers need a simple but strategic action plan for identifying attacker access points to protect data, mobile devices and the enterprise. Your technology managers must address three key security concerns to ensure safe use of wireless local area networks (LANs):
-
Protect the Data
Since wireless LANs send data over public airwaves, strong encryption must be used to prevent eavesdropping. Standard wireless LAN equipment can be monitored for hundreds of yards by anyone with a laptop, and for thousands of yards by anyone with a simple homemade antenna. Eavesdropping can be prevented by deploying current generation wireless encryption standards, known as WiFi Protected Access (WPA). All wireless LANs should use WPA-certified equipment.
-
Protect the Enterprise
Attackers can break into wireless LANs through access points. Extensible Authentication Protocol techniques implemented in equipment will keep attackers out. Your technology managers should know that wireless sniffers and intrusion detection systems are required investments for business-critical corporate systems.
-
Protect the Mobile Devices
Wireless-enabled devices, whether laptops, barcode scanners, process control equipment or other special devices, provide another penetration path for an outside attacker. They should have centrally managed personal firewall software installed. For special-purpose devices that don’t run standard operating systems, software configurations need to be audited to assure that all unnecessary services are disabled.
Have an Action Plan
Keeping the “bad guys” out needs to be the top concern in a wireless LAN architecture. Your technology managers should conduct a site survey to plan the number and location of access points. From where can an attacker attempt to connect to access points? What dead spots exist where hackers can install sneaky access points?
Using wireless technologies isn't difficult if you build security in from the beginning. It's often impossible to recover lost data or lost production after a wireless system attack, so early detection and prevention are necessary.
Security Continues To Be Top Priority
|
To what extent is each of the following technologies a priority for you in 2005?
|
Ranking 2005
|
Top 5 Responses
|
|
Security Enahncement Tools
|
1
|
600
|
|
Business Intelligence Applications
|
2
|
599
|
|
Mobile Workforce Enablement
|
3
|
435
|
|
Workflow Management Deployment and Integration
|
4
|
430
|
|
Enterprise Resource Planning (ERP) Upgrades
|
5
|
406
|
|
Storage Management
|
6
|
393
|
|
Voice and Data Integeration Over IP
|
7
|
365
|
|
Customer Relationship Management (CRM)
|
8
|
355
|
|
Business Process Integration Tools
|
9
|
313
|
|
Server Virtualization
|
10
|
309
|
Source: Gartner, Inc.
Don't Forget Your Employees
Employee role- and group-based access controls should limit what information can be accessed via wireless connections. If only certain workers need access to certain devices or equipment why allow everyone to connect?
