PR Login | PR register

Wednesday, September 08, 2010      

Understanding the threat


The uptake of wireless networks has increased considerably over the past year as technologies have gone from strength to strength. The boom in city-wide networks and dual-mode Wi-Fi enabled phones has added to this growth, with enterprises realising that wireless access can help increase productivity, flexibility and boost the bottom line.

Yet, despite being aware of the apparent business benefits of using wireless connectivity in the workplace, 43 per cent of companies have so far resisted wireless adoption because they are concerned about how to ensure the wireless network’s security. What these users are not aware of is that despite the scare stories, such security concerns can be addressed and controlled in order to minimise any possible risk.

This is not to say that the external threat isn’t there. As computer users wise up to traditional email attacks, the wider use of new mobile technologies and Wi-Fi enabled mobile devices may be providing new vehicles of attack for hackers. In reality however, the biggest threats to WiFi or wireless local area networks (LAN) security are misconfiguration and the lack of awareness of existing rogue devices - a problem that could escalate as users install their own wireless access points.

There is too much focus on security and not enough on creating viable wireless networks. Scare stories aside, users often remain in the dark regarding WiFi security, particularly as far as it extends beyond the confines of the enterprise network to incorporate the management of users and devices whether they are connected from remote branch offices, hot spots, and home offices.

Organisations must understand that whilst WEP was sufficient to protect wireless networks several years ago, it is now obsolete as hackers are becoming increasingly more sophisticated. Nowadays, better measures need to be taken to address security concerns on wireless networks. For example, point monitoring using a mobile device or laptop solution allows users to identify isolated risks. Ad hoc or continuous monitoring with an enterprise level tool which alerts users to any potential threats or security weaknesses, in some cases proactively scanning the network for potential issues, adds a further level of security to protect users.

Tips for improved wireless security

1. Change default settings

As with wired environments, wireless networks are prone to security breaches and failure to protect and secure the network will inevitably affect performance levels. Businesses shouldn’t assume the probability of security breach is low – a hacker who can access the network is likely to go undetected. There are a number of effective intrusion detection and protection applications available to help protect wireless networks. At a basic level most access points arrive with security settings automatically disabled. Simply changing the default settings on an access point and enabling security settings will offer an initial barrier to intruders. Wireless encryption must also be turned on at the highest level with user names and passwords changed on a regular basis. Even a simple procedure such as this will slow hackers down and prevent them from accessing valuable information.

Some of the major security threats facing an organisation are:

- Accidental associations: Users operating on a legitimate wireless network accidentally ‘drift’ into an overlapping network (for example, the office next door.) This connection can take place without users even knowing about it and, once connected, all user credentials and company data is potentially exposed.

- Unsecured access points: When access points are not encrypted network traffic is more vulnerable to exploitation or ‘sniffing.’ A ‘sniffer’ is computer software or hardware able to intercept and log traffic passing over a digital network.

- ‘Evil Twins’: ‘Evil twins’ are counterfeit access points. These are set up by hackers to masquerade as legitimate access points by employing as many of the same properties as the legitimate access point as possible. Thus, if the signal strength of a counterfeit access point is high enough, a user’s PC may associate with the access point exposing data to the intruder.

2. The importance of policy

Prior to the roll out of the wireless LAN, the correct security policies for wireless users must be established. Security is not just about technology – it’s about people. An organisation should develop a thorough security policy document to ensure there are no breaches coming from within the organisation. This should include guidelines informing users not to install their own individual wireless access points and not to download attachments that may contain viruses to put the network at risk. While it may sound obvious, many security breaches today come from within organisations. Staff should be warned not to leave passwords around for anyone to see and to ensure USB sticks that transfer data onto the network do not contain harmful documents/viruses. All security policies should be clearly communicated to ensure staff are fully aware of what they should and should not do. Inform people at all levels – do not forget about people in top management positions because they are often the ones who hold more sensitive corporate data and are therefore more at risk.

3. Prevent RF spillage

Occasionally, RF spillage can occur. This means an unauthorised user could access the network from beyond the corporate boundaries, for example, the car park or a neighbouring office. Network monitoring and intrusion detection tools are available to illustrate where the network’s coverage extends to and ensure there is no spillage outside the required areas.

4. Constant health checks and network monitoring

A wireless network requires constant monitoring. Simply moving a filing cabinet can decrease a network’s performance and no radio signal is completely immune to interference. It is fundamental therefore that the network is regularly monitored to ensure it is performing at its best. Software exists to monitor noise levels, equipment deterioration, channel activity and intrusion detection. Ideally select a monitoring system which incorporates automatic alarms able to alert users to a problem, allowing it to be fixed before it escalates. Linking this with your existing network monitoring solutions gives a single view of your wired and wireless network, ensuring that the network is always running at an optimum level without needing to be physically monitored, saving time and allowing employees to focus on using the new network rather than watching it.