Mobile devices Toolkit

Secure wireless workers

Tags:
DSL,
Wireless,
ADSL,
Java

Tim Landgrave Tech Republic

Published: 15 Aug 2002 09:47 BST

During the Internet boom soothsayers said that we would all have high-speed, universally available, mobile access to corporate data via cell phones and other devices connected to high-speed 3G networks

That prediction collapsed with the Internet economy, and the deployment of the high-speed wireless networks has slowed considerably. Yet mobile Internet use is still rising, fueled primarily by the wireless hub market and not by high-speed 3G networks as predicted.

The new "mobile Internet" based on wireless hubs is forcing CIOs to make fast decisions. Should you allow and deploy wireless cards, and how do you control data access when wireless hubs are accessed outside the office?

Starbucks as the off-site office
Ever wondered why that cup of Starbucks coffee costs $4? Part of the income goes to supporting one of the largest wireless networks in the world that will include every U.S. Starbucks by the end of the year.

The wireless Internet isn't available only at the local coffee shop. It's wherever business travelers gather, including hotels, convention centers, and airports. What's made this kind of network possible? Rather than being deployed as a series of cellular towers as first envisioned, it's been accomplished through the combination of high-speed landlines to common areas with wireless hubs based on the 802.11b standard providing the "last 1,000 feet." And these are just the legal networks.

As an experiment, I took my laptop, loaded with Windows XP and a wireless card -- a poor man's wireless network sniffer -- and drove around my neighborhood. With very little effort, I was able to tap into over 20 wireless networks in just over two hours of slow driving. These are in-home wireless networks set up by individuals with DSL or cable modem access using the default settings provided by the 802.11b hub manufacturers. There is no Wired Equivalent Privacy (WEP) security, and the manufacturer's name is the gateway name. In many cases, the network users had multiple PCs sharing files with little or no protection. With a little digging I likely could have accessed corporate files downloaded to home workstations.

Review remote support and applications policies
It's this wireless network scenario that has most CIOs concerned. If employees can take corporate documents out of the building, then what keeps them secure?

Right now a corporation is much more at risk of losing data with a lost laptop than with a home Internet connection. Yet, as more and more homes get wired and workers grasp the benefits of wireless Internet access, the focus of electronic thieves will shift to these home networks. So there's no better time to begin protecting corporate assets that will be moved over these networks. To do this, you need to evaluate two of your existing practices -- support for external network connections and applications exposed over those connections. It's a good time to publish and support a remote security plan.

With the original dial-up modems, the most users wanted was access to e-mail. But today's high-speed access points -- whether in the home or at the airport -- have spiked users' expectations. Many corporations have established policies and installation procedures to equip corporate laptops with the software -- and provided laptop users with the training necessary -- to make secure, tunneled corporate connections using standards like PPTP. But they haven't taken the next step of defining standards, procedures, and support policies for users who want to connect through a wireless gateway with their own PCs.

Go to section: