Wi-Fi Security: Analysts Offer 3 Tips

By Brian P. Watson  |  Posted 2006-06-07 Print this article Print

Experts urge companies to fortify policies for protecting wireless networks.

Financial firms stand to lose customers' trust—and potentially massive amounts of their data—if they don't rein in security risks to their Wi-Fi networks, according to new research.

Analysts with TowerGroup, a Needham, Mass., financial services research firm, in a report released last week at its annual conference, note there are a number of security threats for businesses using Wi-Fi networks. In addition to external forces, such as denial-of-service attacks and access violations, another vulnerability is technically un-savvy employees installing cheap access points into the company's network.

Josh Kessler, an emerging-technologies analyst who co-authored the report with Bob Egan, a research director, says many technology executives have chosen simply to ignore Wi-Fi because they don't fully understand the technology's attacks and access violations. "What their approach has been so far is, 'We know there are some security concerns with Wi-Fi, so let's not do Wi-Fi,'" Kessler says.

TowerGroup analysts urge technology executives at financial services firms to take steps to protect their wireless networks, including fortifying their internal strategy and choosing the right system to help block Wi-Fi-enabled attacks:

  • Understand Wi-Fi's capabilities—and its risks. If your organization doesn't sanction Wi-Fi, that doesn't mean you won't have to worry about it. Technology executives need to get their arms around the risks Wi-Fi poses to the corporate network because, whether they like it or not, some employees bring the technology into company systems.
  • Beware of emerging products. Technology managers need to evaluate the risk that popular products like smart phones—handheld computers that employees can use to tap into the network through Wi-Fi connections—could bring to the enterprise before adding them to the company's mobile arsenal.
  • Play a strong defense. Intrusion detection and prevention systems can analyze network activity and execute security procedures to ward off threats and attacks. Technology managers should evaluate and choose an appropriate program to defend against internal and external risk.

    The report also includes analysis of intrusion detection systems from Air Defense, AirMagnet, AirTight Networks, Aruba Networks, Bluesocket, Cisco Systems, Network Chemistry and WildPackets.

    Associate Editor

    Brian joined Baseline in March 2006. In addition to previous stints at Inter@ctive Week and The Net Economy, he's written for The News-Press in Fort Myers, Fla., as well as The Sunday Tribune in Dublin, Ireland. Brian has a B.A. from Bucknell University and a master's degree from Northwestern University's Medill School of Journalism.


    Submit a Comment

    Loading Comments...
    eWeek eWeek

    Have the latest technology news and resources emailed to you everyday.