Wireless LAN (Local Area Networks) is taking the workplace by storm and providing enterprise with increased flexibility, mobility and increased access for the workforce. Many companies employ representatives to work either from home or on the road and are finding constant connection with the main office is a necessity. To cater for this desktop computers are being replaced by laptops and the increased mobility is providing a huge advantage. This process is happening now and the technology has seen a rapid growth in line with the market boom that fueled it. So now the question is not do we need wireless capabilities? The question is how can we get the most from this investment while ensuring the company network is secure and not at risk?
The downside to increased technology and new design is that it provides another potential route of access for the hackers to get into your files. Having your network being accessed in the air creates cold sweats for some bosses and is the main reason wireless didn't take off at this pace years ago. However, wireless is a safe entity now and many large corporate infrastructures are enjoying the freedom of WLAN without so much as a hint of intrusion from unwanted attention. These companies are able to provide guest access to contractors/ visitors on site without compromising any confidential information, create ‘hot desking' scenarios for satellite staff so they can save on office space while the rest of the staff on the road are in full contact with the office despite being the other side of the country. Most coffee shops now provide wi-fi access so even when in an unknown area reps can stay in contact and check emails regularly and even send / receive reports at an efficient rate throughout the day. So what potential threats still exist? Unfortunately laptops searching for an internet signal can be very vulnerable to attack as they are opening themselves to an input signal. This has led hackers within a public area to access other laptops and explore the contents of the victims' files. It doesn't bear thinking about what kind of information could be at risk here, from personal to corporate material of a potentially highly sensitive nature. This is known as ‘peer to peer' hacking, though in reality the offender never actually hacked into anything. The innocent laptop merely roamed the air looking for internet access and offered itself to the malicious intruder. The hacker merely took advantage of this situation while the worker was totally unaware. Another scenario may be if a satellite worker visits the office and takes to a desk. Instead of scanning the office for a wireless signal he decides to take a lead and plug his laptop into the network manually. This seems simple enough. However, while he is working away his laptop is actually still searching the airspace for a wireless network to connect to, providing a backdoor entrance to the corporate LAN. It would only take someone in the car park to connect with this end user point ‘peer to peer' and they will have direct access to the buildings infrastructure without any requirement to authenticate. As you can see this spells a potential for attack, and has resulted in expensive hacks in the past.
The good news is this is all very well understood and attacks like these can be prevented. The level of security required varies from industry sector to industry sector; however the most secure areas of the land are now confident to open themselves up for wireless capabilities. Logistics companies rely on wireless for mission critical operations that would not be possible otherwise. Retail companies can make more transactions and access vital information quicker with WLAN increasing their revenue while ensuring customer payment details are retained under the strictest confidentiality. Coffee shops are experiencing increased revenue through providing wireless for commuting/ satellite workers. Education can increase access to learning resources while shielding themselves from some of the most ingenious hackers ever, students. Even banks and the finance sector are able to increase their efficiency and productivity with wireless and can be confident in the protection of their network through leading technology.
So how do you get to experience the benefits of WLAN without losing sleep about being compromised as a result?
1. Passwords – Usually your ‘out of the box' solution will come with administrator passwords/ usernames so you can log on and use your new toy. As soon as you get the chance change them to something different. Naturally, attempt to make the password as unpredictable as possible by including random capitals and numbers as well as plain text.
2. Encryption – Once you have changed your passwords/ usernames look at upgrading your encryption. The old WEP (Wired Equivalent Privacy) standard can be hacked in 30 seconds compromising whatever data is withheld on the network. There are much better versions out there so be aware that without researching into the options the version you are initially given may not be up to scratch.
3. Authentication – Decide how your employees are going to verify themselves when they are looking to gain access. How easy is this system to crack? For satellite staff, consider implementing IPSec/ SSL VPN gateways and for highly sensitive networks perhaps ‘two factor authentication' may be required. It is best to keep authentication methods uniform across the company.
4. Rogue Detection – For an extra premium there are facilities available that will constantly scan and police your network for rogue AP's (Access Points). This will alert you as soon as there is any untoward activity within your air space. Even better, the technology is available for a system that will automatically cut any connections with a rogue AP without the need for the Network Manager to have to authorise it.
5. Assessment – Once you have your security policy in place this should be regularly assessed to ensure it is meeting the standards that you set out to achieve.
This is a very brief overview of how to secure a corporate WLAN, and most of the points are worthy of a full article themselves. The main point of this was to highlight that there certainly are ways of obtaining the secure wireless network that can take your company to the next level, ensuring the money you shell out acts as an investment and not a glorified expense.
‘Secure in the Knowledge'