ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Network management Toolkit

Securing wireless networks - it's the people, not the kit

Dan Ilet ZDNet.co.uk

Published: 28 Sep 2004 14:20 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Founder of the Jericho Forum and global information security director Paul Simmonds criticised wireless vendors' approach to security in a panel discussion at the ZDNet IT Priorities Conference in London today. Simmonds said that vendors need to think more about their customers' needs.

"Vendors are missing a trick," said Simmonds. "We need to build security from the ground up. You can tell a board that you've got Deep Packet Inspection and that you're secure, but it's a fallacy."

Simmonds added that companies are not doing enough to protect their mobile devices and that most companies had an immature approach to wireless security.

"I think a lot of what we do are just knee-jerk reactions," he said. "A lot of security solutions are like sticky plasters. But they do no good because they have 300 holes in so you can connect to your customers, partners and vendors."

Dutch bank ABN Amro's global head of technology risk management, Paul Stimpson, called for better management tools to control wireless security.

"It's all a balance," said Stimpson. "But the management overheads can be horrendous. [IT managers] believe they are secure, but the specific tools aren't there."

Alex van Someren, CEO for security firm nCipher, agreed that managing wireless security required better tools.

"You can get reliable service with mobile phones, but not with Wi-Fi," said van Someren. "We need to look at who you are talking to and what they send, not the medium they send over."

Voice over Internet Protocol telephony also raised many security issues for the panel. Van Someren said that he had worked with a New York bank that had deployed 100 VoIP phones to its top employees, but he thought that managing the system would be tough because identification was based on MAC addresses.

"The best thing they could think of was MAC addresses," he said. "That's not so hard to spoof and all those long numbers are not pretty. The idea could do well, but the management will be tough. It's just not an adequate authentication model."

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Did you find this article useful?
154 out of 272 people found this useful


Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Network management


Company/Topic Alerts

Create a new alert from the list below:




On The Road Blog

Nathan Barley's magic hotzone

Via an interesting post on Absolute Gadget, I learned of BT and Fon's plan to distribute 1,000 routers in Shoreditch, East London. The idea, it seems, is to create what BT like to call... More

Post a comment

SnapYap - New Flash-Based Video IM Pro...

I have just tried out another new Adobe Flash-based video IM program, SnapYap. Like other such flash-based programs, there is no separate program or client to download and install... More

Post a comment

In-Flight VoIP

With American Airlines having started offering Aircell's in-flight internet access, and several other airlines due to introducing soon, articles on using VoIP in flight now abound.... More

3 comments