A recent visit to my daughter’s doctor got me wondering; when he walked in carrying a notebook computer to access her recent test results, I wondered about how secure the network was. Other organizations, such as financial institutions and retail businesses, may certainly be at risk from outsiders. Could a hacker really sit outside of a bank branch or retailer (or my doctor’s office) and access or manipulate financial, credit card or client information?
There’s a lot to know about wireless network security and it needs to be taken seriously. Granted, network safeguards against wireless security threats primarily use software and encryption and special hardware in devices that are typically installed and managed by network management or information technology (IT) personnel. But as convergence continues in all forms of connectivity, and technologies overlap and support each other, electrical and cabling contractors need a working knowledge of wireless security and its issues to effectively and responsibly serve their clients.
Say you install a wireless access point for a small- to mid-sized retailer who accepts credit and debit cards for payment. You should raise the question of network security, especially if the staff appears to be self-managing their network without much sophistication or input from an IT professional. In this way, you are elevating your company to the role of educator, providing another service.
Data encryption is a widely deployed method of security for wireless access points. There are basically three levels of encryption: unsecured, minimally secured and secured.
Let’s say that your client buys an access point off the shelf, installs it himself and then tinkers with his notebook computer to get it to communicate with others. Before long, he could successfully and, (probably) unknowingly, open wide an unsecured port into his network. At that point, a hacker using tools readily downloaded from the Web for free (Google: “wireless hacking”) can sit with a notebook computer outside of your client’s walls (parked in his lot, sitting in the mall, in the space next door, etc.) and access his network. The access point service set identifier (SSID), which is a 32-character unique identifier that acts as a password when a mobile device tries to connect to it, will remain at its manufacturer’s default SSID. The hacker’s software will only need to try a relatively short list of manufacturer’s default SSIDs to get into his network.
An unencrypted SSID can still be “sniffed,” so even if your client changes his SSID, it may still be unsecured. He needs to go to at least the next level of security, which uses wired equivalent privacy (WEP), a security protocol for wireless local area networks that encrypts data as it transmits it from one end point to another. This level of encryption is already available on many existing off-the-shelf APs and wireless devices. However, WEP uses a static, or unchanging, encryption code on each device; therefore, once a hacker cracks that code for one of your client’s devices, then the encryption no longer provides a barrier.
The latest encryption uses Wi-Fi protected access and Wi-Fi protected access 2 (WPA and WPA2). These provide stronger data protection and network access control than WEP by automatically using random encryption code keys during wireless connections. WPA and WPA2 provide users with a high level of assurance that only authorized users can access their wireless networks. WPA2, which provides government-grade security, is available WPA2-personal and WPA2-enterprise. However, these are only available on the most recent APs and wireless devices, and may require manufacturers’ upgrades on older devices, which are often downloadable for free.
There are many sources for more information, including four free no-frills video tutorials by Todd Logan at www.wireless-network-tutorial.com. Sources for white papers on security encryption and how it fits into a larger network security strategy include www.cwnp.com/learning_center and www.wi-fi.org/white_papers.php.
Consider this: wireless network security offers another potential income opportunity for electrical and cabling contractors. If nothing else, contractors can partner with networking and IT firms to whom they can refer clients. Potentially, everyone wins in those situations: users get secured networks, IT firms get new customers, and electrical and cabling contractors get referral fees. EC
MUNYAN is a freelance writer in the Kansas City area, specializing in business writing and telecommunications. He can be reached at www.russwrites.com.