-
Protect the Data
Since wireless LANs send data over public airwaves, strong encryption must be used to prevent eavesdropping. Standard wireless LAN equipment can be monitored for hundreds of yards by anyone with a laptop, and for thousands of yards by anyone with a simple homemade antenna. Eavesdropping can be prevented by deploying current generation wireless encryption standards, known as WiFi Protected Access (WPA). All wireless LANs should use WPA-certified equipment. -
Protect the Enterprise
Attackers can break into wireless LANs through access points. Extensible Authentication Protocol techniques implemented in equipment will keep attackers out. Your technology managers should know that wireless sniffers and intrusion detection systems are required investments for business-critical corporate systems. -
Protect the Mobile Devices
Wireless-enabled devices, whether laptops, barcode scanners, process control equipment or other special devices, provide another penetration path for an outside attacker. They should have centrally managed personal firewall software installed. For special-purpose devices that don’t run standard operating systems, software configurations need to be audited to assure that all unnecessary services are disabled.
Have an Action Plan
Keeping the “bad guys” out needs to be the top concern in a wireless LAN architecture. Your technology managers should conduct a site survey to plan the number and location of access points. From where can an attacker attempt to connect to access points? What dead spots exist where hackers can install sneaky access points?
Using wireless technologies isn't difficult if you build security in from the beginning. It's often impossible to recover lost data or lost production after a wireless system attack, so early detection and prevention are necessary.
Security Continues To Be Top Priority
To what extent is each of the following technologies a priority for you in 2005? |
Ranking 2005 |
Top 5 Responses |
Security Enahncement Tools |
1 |
600 |
Business Intelligence Applications |
2 |
599 |
Mobile Workforce Enablement |
3 |
435 |
Workflow Management Deployment and Integration |
4 |
430 |
Enterprise Resource Planning (ERP) Upgrades |
5 |
406 |
Storage Management |
6 |
393 |
Voice and Data Integeration Over IP |
7 |
365 |
Customer Relationship Management (CRM) |
8 |
355 |
Business Process Integration Tools |
9 |
313 |
Server Virtualization |
10 |
309 |
Don't Forget Your Employees
Employee role- and group-based access controls should limit what information can be accessed via wireless connections. If only certain workers need access to certain devices or equipment why allow everyone to connect?