The Achilles Heel of Wireless: Security.
The wireless evolution has brought untold freedom and flexibility to societies near and far. Users have peevishly endured the static, the loss of connection and the potential threat of eavesdropping on wireless phones for the sake of greater mobility. With the unfolding of wireless local area networks (LANs), companies are further accommodating this desire to conduct business remotely from home, airplanes or just about anywhere. And experts predict that eventually wireless will be as powerful and ubiquitous as wired networks.
But there's one very serious obstacle, says Ralph "Bud" Hamilton, assistant professor of management in the RCB. "You're never going to have as secure a network with wireless as with a wired one. A wire is harder to tap into than air. By its very nature, wireless will never be as safe."
It is virtually impossible to completely secure information voice or data transmitted through the air. Knowing someone might be intercepting a personal phone conversation with a spouse while driving in the car is one thing. However, it's an entirely different situation to know someone could be tapping into an office network and downloading confidential information without anyone ever knowing it.
Security threats abound in the wireless data area, which Hamilton said grew tremendously in 2001. "Many corporations are setting up wireless LANs because they are much more convenient and often less costly than wired networks. And in some cases they're the only way offices can communicate to a remote location. But many of these networks are wide open to security breaches."
The ease with which this is happening is the real concern here. "People are basically just putting a card in their laptop, driving around, and getting access to corporate data. Sometimes it's benign access, and in other cases companies are being hacked internally," Hamilton explains.
However, he assured, most of these "break-ins" are employees of other firms or network administrators tapping in by sheer accident, not hackers on a corporate espionage mission. Then again, he said, there's really no way of knowing how much of this is going on in the wireless environment.
THE SOURCE OF THE PROBLEM
Wireless is experiencing some of the same problems as the Internet. According to Hamilton, all security for the Internet is back-ended because it was originally set up to be deployed within a secure area where everyone is trusted. Wireless is set up the same way. "It's wide open," he adds. "The network default is designed to allow as many people in as happen to be in the area. It makes sense from a technological perspective because you want people to be able to access the network."
There are a slew of issues surrounding wireless security. For starters, wired equivalent protocol (WEP) is the security protocol in the current 802.11b environment. However, WEP is perceived as easily crackable. "A lot of people think WEP is flawed, so they don't even turn it on," Hamilton said. "That's the equivalent of leaving a car not only with the doors unlocked, but with the keys in the ignition and the engine running."
Another concern is the ease of availability of wireless LANs. "Anyone can go down to an office supply store, buy an off-the-shelf wireless router and set up a wireless network," he explains. "That's why a lot of corporations are going for them. Companies deploy wireless networks because they have a few remote employees or some who work inside and out. They're cheap and easy to set up, but, unfortunately, there's not agreement on how to implement security."
This means security becomes an afterthought. "The ideal way to deal with network security is in the design phase," Hamilton added.
One of the most thorny security threats to deal with is people. "Humans are the weakest link. Users typically haven't been careful with passwords, and passwords have been easily crackable," he says. "Going back to our car analogy, we still have to remember to lock the car or it can be hot-wired. It's dangerous to allow users to call the help desk to get in. It could be anybody calling."
To tighten security, companies will need to tighten the reins on users. Moreover, at the very least companies need to enable whatever security their network is equipped with. Other security measures include encryption, a biometric identifier (like a smart card for laptops and handheld devices) or authentication software.
NEW BUSINESS VENTURES
With well over 100,000 computer viruses tallied in the final quarter of 2001 on wired networks alone, network security presents a big challenge for companies. Throw in the enormous security vulnerability of the wireless world and suddenly there's a burgeoning opportunity for a new breed of network security-related businesses.
Hamilton, who teaches "New Venture Creation in Electronic Commerce" at the RCB, says some firms are beginning to extend their core business to include wireless security. These companies are predominantly Internet security firms, wireless implementers and Big 5 consultants.
"I tell students in my class that I see two areas as future opportunities: wireless and middleware. Middleware is the glue between many different types of systems. These companies will determine how to get one system talking to another system, such as satellite, wireless and wired networks. It's not an easy task."
The middleware industry becomes integral when companies begin to launch household products that can "talk" to their network systems. According to Hamilton, washing machines and refrigerators are already embedded with chips that can collect data on usage and malfunctions. Add some variation of an 802.11 chip and the products can alert the company's wireless network to immediate problems, which are then communicated directly to service repair workers in their trucks.
As wireless becomes more pervasive over the next five years, Hamilton expects to see as many if not more changes to the business world as there were from the Internet. "Once you're not connected to things, why do we need offices? Why do we have meetings? Why do we wait for the customer to tell us something is wrong?
"I imagine in 2009 people will say, 'Can you imagine working without wireless?' It can only happen if we deal with the security issues."
Karen Benning
