Print

Comment

Email

Digg

Del.icio.us

Reddit

Twitter

Once wireless was considered a boon, but with the benefits comes the danger. With terrorist attacks on the rise, technology is more and more being used for illegal purposes. In the recent Mumbai attack terrorists used satellite phones and one of the weakest links to gain access to the Internet is through Wi-Fi hot spots that pose a serious risk to enterprise and national security. A recent report published by Mahindra Special Services Group says Most enterprises setting up wireless networks have implemented Wi-Fi with the sole objective to enable mobility and Internet connectivity to the end user. Laptops preloaded with wireless access cards and auto connectivity settings have also facilitated large scale deployment. Most users connecting these wireless devices are unaware that they are actually transmitting information over air that can be easily viewed by others. Remote wireless accessibility has also enabled hackers to connect to corporate networks from outside the corporate premises.

The latest terror attacks showed that the terrorists are not far behind when it comes to leveraging technology. Unsecured wireless networks pose a big threat to organizations and individuals alike. Terrorists would easily break into these networks and steal information and use the network to carry out cyber attacks anonymously. Reflecting on this Amuleek Bijral, country manager, India and SAARC, RSA says, By stealing data from unsecured networks terrorists would impersonate a trusted entity and carry out social engineering attacks. One good example of Wi-Fi hack was the recent case where the terrorists used the Wi-Fi network of an unsuspecting American in Mumbai to send out the email claiming ownership of the Ahmadabad bomb blasts.

The Impact on Security
Wireless connectivity, by virtue of the medium it uses, is not as safe as a wired network. Unsecured wireless networks are prone to war-driving attacks. Hackers could park a car outside a company campus and hook into the wireless network. Tools are freely available to allow anybody with a Wi-Fi enabled device to have a crack at any wireless network. Wireless networks need to be properly secured to protect them. WEP encryption can protect the network to some extent but it is still not a very strong form of security. Additional stronger security measures like two factor authentication should be employed to protect wireless networks. Says Bijral, The choice of which kind of network to use depends totally on what the organization wants to use it for. A properly secured Wi-Fi network can be a great asset and provide free mobility and access at difficult points normally not reachable by wireline networks.

Unsecured wireless networks are a huge problemboth for the owner of the network and for those using it. When someone uses an unsecured wireless network, they are vulnerable to eavesdropping like sniffing of the network for passwords and other sensitive information. They are also more vulnerable to attacks and viruses. Says Bhanu Panda, vice president, APAC/EMEA sales and business development, Array Networks India: If your wireless network gets used by someone else for unlawful purposes, the government will come knocking on your door first, and take away your computers and all other stuff while they put you under a cloud of investigation, with a ruined reputations if you survive the questioning and innuendos that follow. The onus will be on the owner of the network to prove that he is innocent, and all actions done by him or any other friend or family on his network are also innocent in nature. That could be a very difficult time.

Experts also say that one of the biggest security concerns is of unauthorized access to enterprise networks and rogue wireless networks. An open network invites trouble, because it attracts people, some of who may be just looking for a free way to surf the Net. But there may be some looking around for opportunities to get in. The analogy would be that of bad people testing the neighborhood and studying it before they decide to get in and injure. The more open and easy it is to get into; the higher is the risk of losing valuable data. The other issue about rogue wireless networks is that it is so easy and cheap for someone to put up a little wireless antenna, connect it to their cubicle or office to give them a little more mobility than corporate IT would give them. Those people risk putting themselves and their enterprises at risk for a variety of hacking attacks and back doors in to their corporation.

Says Bhanu Panda, There are many companies who have instilled corporate policies that ban the use of rogue wireless networks in their companies, with due punishment for those guilty. Most wireless equipment come with encryption capabilityusers need to ensure that these are turned on, and set at the highest level possible. While WEP is recognized as being vulnerable, running a 128 bit encryption makes it a harder nut to crack. However, WEP relies on shared keys and distribution of keysthat poses problems when people leave the organization or share it with other people.

Solutions for a Secured Wi-Fi
Companies like Array Networks believe that an enterprise class solution could leverage an 802.1x or WPA infrastructure to gain a stronger security implementation at the wireless layer. An even better solution would be to always have people use their VPNs, regardless of the wireless layer. Recently, companies such as Array Networks have been proposing the idea of a new perimeter, where all access is controlled through a security gateway, regardless of whether the access is coming from a local network, a wireless network or remote network. By implementing such a concept, and moving all valuable server and network resources behind it, an enterprise is narrowing down the aperture of access through a very controlled entry gate. For instance, Array has implemented a targeted solution called WiFiProtect on its SPX Series Universal Access Controller product line that achieves just that. It also augments it with end point security to make sure that the PC that is being used to access is also protected and compliant to corporate IT policies, thereby reducing the overall risk significantly. Since such a solution is transparent to the end user, and operates at a transport layer. It is also simple and elegant to use, while providing a consistent user-experience.

Companies like RSA have been working to address remote connectivity (wired and wireless) security issues. RSA provides solutions like Secure Remote Access and Secure Web Access to address various security challenges that organizations face while using broadband connectivity. According to the company RSA has had maximum success when it comes to securing network communications for customers. RSA also has the largest market share in the two factor market. Says Bijral,The most importing thing is that the enterprise should look at security as a whole and not as a patchwork of products solving a particular security problem. A strategy which is information centric and focuses on the risks involved would be very effective in addressing the various threats that any organization faces today. For an effective implementation of this strategy it also needs to be repeatable.

Despite the huge risks involved, mobility is the way forward and one cannot restrict its usage. What needs to be done, both at the consumer and enterprise levels, is to drive home the importance of security. At the enterprise level, these are taken care as part of the larger network management issue, but still a specific policy driven approach to mobile security is what experts prescribe for enterprise mobile access. The policy framework must factor in aspects like vulnerability assessment, deployment of controlled access, high degree of encryption, access point management and host of other polices depending on sensitivity of data. This will create a fool-proof wireless security and access regime.

Shrikanth G
shrikanthg@cybermedia.co.in

Page(s)   1