In South Africa, mobile data services are taking off and we are finding ourselves in an ever-expanding wireless world. Most notebooks and PDAs shipped today are wireless ready, but are they security ready?
The so-called 'Net generation', the next generation workforce, will demand using the same technology at work as they do at home. Constant connectivity is non-negotiable for this audience, which has resulted in technology adoption in the enterprise environment becoming consumer-led as opposed to CIO-led. More and more employees are buying the latest wireless devices and are often tempted to link these to the corporate network.
Whilst the business case for deploying wireless is clear and the associated productivity benefits quantifiable, wireless security is an issue that requires the urgent attention of organisations. Enterprises are becoming more virtual as user demand for mobility continues to grow, which prompts organisations to ensure that their wireless infrastructure is secured from unauthorised access.
Gary Middleton, general manager: Security Solutions at Dimension Data
What needs to be secured?
There are four aspects that organisations should pay attention to when looking at wireless security. The first is securing corporate wireless local area networks (WLANs), followed by greater control of Bluetooth within the enterprise. As more employees access the corporate network from outside the physical constraints of the office, organisations need to ensure that mobile access via services such as 3G and EDGE is completely secure. Lastly, there is a need to secure endpoint devices (notebooks, PDAs) that connect to the network via virtual private networks (VPNs) from remote sites such as public wireless hotspots.
The trend towards mobility is so powerful that various research and analyst houses predict exponential growth. In fact, a recent Datamonitor report stated that mobile e-mail is on the verge of mass adoption, saying that the number of mobilised e-mail accounts will explode over the next three years. Yet another reason for enterprises to respond to the security considerations brought on by mobility.
How to secure the wireless environment
Technology alone will not solve the problem. A combination of appropriate wireless security technologies and security policies and procedures has to be applied.
A complete clamp-down on wireless is not a feasible solution. Restricting a roaming sales force or travelling consultants from having access to the network, e-mail and business critical applications in an effort to protect the network is simply not an option. Therefore, an evaluation of the enterprise's mobility requirements will be a key factor in determining its acceptable usage policies.
From a technology purchasing perspective, rogue wireless detection devices with the intelligence to detect unauthorised devices on the network are finding favour. Wireless controllers and management platforms are able to detect and identify rogue wireless activity.
For users accessing the network remotely, virtual private network (VPN) technologies based on IPSec or SSL are important to encrypt data in transit. In addition, it is important to secure the endpoint itself. This can be done by deploying a combination of content security software, personal firewalls and host intrusion prevent software.
Wireless security considerations
Here are a few security considerations that organisations should be aware of when implementing or evaluating wireless:
* Have clearly defined security policies and procedures in place. Assess your organisation's mobility requirements and formulate and implement policies that ensure you are able to reap the business benefits of wireless without being vulnerable to threats and unauthorised access.
* Select a security policy that is transparent and consistent across multiple device platforms, for example notebooks, PDAs and mobile phones.
* Ensure that wireless is user-friendly for your employees. When designing the wireless security architecture, bear end user requirements in mind - keep it simple, yet secure.
* Do not tempt hackers. Ensure that your signal stays inside your building, preventing people on the street from gaining access to your network.
* Never select the default security setting as it assumes an 'open connect' status.
* Always shut down the logical and physical ports on your wireless devices.
* Ensure that you employ the correct skills to look after your wireless security.