1660339569393 John Prescatore

Keep your wireless business secure

Aug. 22, 2005
Wireless technologies create security vulnerabilities that can threaten your manufacturing network, but a simple plan can protect the enterprise. Find out why security continues to be a top priority in the process industries.
By John Pescatore, Gartner, Inc.INCREASING COMPUTER and information security is a top technology priority in 2005 for CEOs, CFOs and CIOs, according to Gartner research. Another high priority is “mobile workforce enablement,” which means implementing wireless technologies used in offices, factory floors, warehouses, retail outlets and anywhere else employees and customers interact with business computing systems.However, wireless technologies can create security vulnerabilities in a manufacturing network and the business systems to which the network is connected. Therefore, your enterprise technology managers need a simple but strategic action plan for identifying attacker access points to protect data, mobile devices and the enterprise. Your technology managers must address three key security concerns to ensure safe use of wireless local area networks (LANs):
  1. Protect the Data
    Since wireless LANs send data over public airwaves, strong encryption must be used to prevent eavesdropping. Standard wireless LAN equipment can be monitored for hundreds of yards by anyone with a laptop, and for thousands of yards by anyone with a simple homemade antenna. Eavesdropping can be prevented by deploying current generation wireless encryption standards, known as WiFi Protected Access (WPA). All wireless LANs should use WPA-certified equipment.
  2. Protect the Enterprise
    Attackers can break into wireless LANs through access points. Extensible Authentication Protocol techniques implemented in equipment will keep attackers out. Your technology managers should know that wireless sniffers and intrusion detection systems are required investments for business-critical corporate systems.
  3. Protect the Mobile Devices
    Wireless-enabled devices, whether laptops, barcode scanners, process control equipment or other special devices, provide another penetration path for an outside attacker. They should have centrally managed personal firewall software installed. For special-purpose devices that don’t run standard operating systems, software configurations need to be audited to assure that all unnecessary services are disabled.

Have an Action Plan
Keeping the “bad guys” out needs to be the top concern in a wireless LAN architecture. Your technology managers should conduct a site survey to plan the number and location of access points. From where can an attacker attempt to connect to access points? What dead spots exist where hackers can install sneaky access points?

Using wireless technologies isn't difficult if you build security in from the beginning. It's often impossible to recover lost data or lost production after a wireless system attack, so early detection and prevention are necessary.

Security Continues To Be Top Priority

To what extent is each of the following technologies a priority for you in 2005?

Ranking 2005

Top 5 Responses

Security Enahncement Tools

1

600

Business Intelligence Applications

2

599

Mobile Workforce Enablement

3

435

Workflow Management Deployment and Integration

4

430

Enterprise Resource Planning (ERP) Upgrades

5

406

Storage Management

6

393

Voice and Data Integeration Over IP

7

365

Customer Relationship Management (CRM)

8

355

Business Process Integration Tools

9

313

Server Virtualization

10

309

Source: Gartner, Inc.

Don't Forget Your Employees

Employee role- and group-based access controls should limit what information can be accessed via wireless connections. If only certain workers need access to certain devices or equipment why allow everyone to connect?

Sponsored Recommendations

IEC 62443 4-1 Cyber Certification – Why ML 3 is So Important

The IEC 62443 Security for Industrial Automation and Control Systems - Part 4-1: Secure Product Development Lifecycle Requirements help increase resilience for control systems...

Multi-Server SCADA Maintenance Made Easy

See how the intuitive VTScada Services Page ensures your multi-server SCADA application remains operational and resilient, even when performing regular server maintenance.

Your Industrial Historical Database Should be Designed for SCADA

VTScada's Chief Software Architect discusses how VTScada's purpose-built SCADA historian has created a paradigm shift in industry expectations for industrial redundancy and performance...

Linux and SCADA – What You May Not Have Considered

There’s a lot to keep in mind when considering the Linux® Operating System for critical SCADA systems. See how the Linux security model compares to Windows® and Mac OS®.