Risks include hackers, jamming and more

The popularity of wireless networking continues to grow for both businesses and individuals. Wireless networking allows people to obtain data and share information anywhere there is a wireless access point without being tethered to the wired network. Restaurants, airports, coffee shops, truck stops, hotels, and other public places offer patrons wireless Internet access for surfing the Web or retrieving and responding to e-mail.

New laptop and tablet computers, handheld personal computers (HPCs) and personal data assistants (PDAs) are being shipped with wireless capability as a standard feature. Wireless networking promises to improve both individual and business productivity. However, unlike a traditional wired network where access points are physically within a building and can be controlled, wireless network access is available to anyone who can receive the signal. Wireless network security is a major concern for many businesses and is hampering the deployment of wireless networks despite their advantages.

Wireless Fidelity—Wi-Fi—is the term that applies to wireless networks using the Institute of Electrical and Electronics Engineers (IEEE) standard IEEE 802.11b and the newer IEEE 802.11a and IEEE 802.11g networks. These networks all have a range of about 300 feet, so anyone who can detect the signal could potentially have access to the network and company information. However, the use of directional antennas and other equipment can extend the range at which the wireless network’s signal can be intercepted.

Security concerns are a major deterrent to companies installing wireless networks. According to a recent article in the Wall Street Journal, the consulting firm InfoTech surveyed 55 companies that have not installed a wireless network and found that 73.9 percent of those companies had not installed a wireless network due to security concerns. Besides access to the company’s wireless network, other risks include employees setting up unauthorized wireless networks that are not secure, hackers monitoring the company’s wireless network traffic, network jamming, and other security threats.

Security protocols

Wired Equivalent Privacy (WEP) is the standard wireless network security protocol in use today. Wireless access points and devices are shipped with WEP, which provides encryption but no means of user authentication. In general, WEP does not provide adequate network security for business and is vulnerable to attack. Studies have demonstrated that a hacker with the right equipment can monitor network traffic and easily recover the WEP shared encryption key. For residences and small businesses with a low volume of network traffic, it would probably take days to obtain the shared encryption key, making WEP adequate in these applications. However, the shared encryption key can be determined in a matter of hours for larger firms with a great deal of wireless network traffic. This is one of the reasons often cited for the rapid adoption of wireless networks by small businesses and home offices and the slow adoption by larger companies.

The Wi-Fi Alliance is an association that was formed in 1999 to promote interoperability and certify wireless local area network (WLAN) products based on IEEE 802.11. In 2003, the Wi-Fi Alliance, together with the IEEE, introduced Wi-Fi Protected Access (WPA) to improve security and overcome many of WEP’s shortcomings. WPA’s goal was to make it easier for businesses to employ wireless networks. WPA scrambles security keys, ensures that they have not been tampered with, and, if an authentication server is used, authenticates users when they log onto the network. WPA is replacing WEP as standard Wi-Fi security.

WPA is an integral part of the new IEEE 802.11i standard that is expected to be released in 2004. WPA is forward compatible with IEEE 802.11i, which will further improve wireless network security. However, unlike WPA, which can be implemented through a software upgrade, the new IEEE 802.11i will probably also require hardware upgrades.

Securing wireless networks

No network can ever be totally secure and this is especially true for wireless networks. However, the following recommendations can greatly improve wireless network security:

• Wherever possible, physically locate wireless access points within facilities so that the range of the signal does not extend beyond the perimeter of the building or secure area.

• Ensure that all wireless access points are properly configured and encryption is enabled. Wireless access points are usually shipped with encryption turned off to facilitate installation and a single unsecured wireless access point can defeat the company’s firewall.

• Establish a policy restricting the deployment of unauthorized wireless access points by employees.

• If WEP does not provide the desired level of security, consider installing WPA to improve data encryption and provide a means of user authentication.
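
The four recommendations above can be checked against a walk-through survey of the access points heard on site. The following is an added example, not part of the original article: the survey columns, the sample rows, the authorized inventory and the -70 dBm perimeter threshold are all constructed assumptions.

```python
import csv
import io

# Constructed sample survey (not real data): one row per access point heard
# during a walk-through. Columns and values are assumptions for this example.
SURVEY = """bssid,ssid,encryption,measured_at,signal_dbm
00:11:22:33:44:01,corp-floor1,wpa,interior,-48
00:11:22:33:44:02,corp-floor2,wep,interior,-55
00:11:22:33:44:03,corp-lobby,wpa,parking-lot,-62
00:11:22:33:44:04,corp-warehouse,open,interior,-60
66:77:88:99:aa:01,default,open,interior,-51
"""

# Authorized inventory kept by the network owner (constructed).
AUTHORIZED = {
    "00:11:22:33:44:01", "00:11:22:33:44:02",
    "00:11:22:33:44:03", "00:11:22:33:44:04",
}

# Assumed threshold: a signal stronger than this, measured outside the
# building, is treated as usable from beyond the perimeter.
PERIMETER_DBM = -70
OUTSIDE = {"parking-lot", "street"}


def audit(survey_text, authorized, perimeter_dbm=PERIMETER_DBM):
    """Return {bssid: [findings]} for access points that break a recommendation."""
    findings = {}
    for row in csv.DictReader(io.StringIO(survey_text)):
        bssid = row["bssid"].strip().lower()
        enc = row["encryption"].strip().lower()
        issues = []
        if bssid not in authorized:
            issues.append("unauthorized access point")
        if enc == "open":
            issues.append("encryption disabled")
        elif enc == "wep":
            issues.append("WEP only; consider WPA")
        elif enc != "wpa":
            issues.append("unknown encryption value: " + enc)
        if row["measured_at"] in OUTSIDE and int(row["signal_dbm"]) > perimeter_dbm:
            issues.append("signal usable beyond perimeter")
        if issues:
            findings.setdefault(bssid, []).extend(issues)
    return findings


if __name__ == "__main__":
    for bssid, issues in audit(SURVEY, AUTHORIZED).items():
        print(bssid, "->", "; ".join(issues))
```

An access point that is both unauthorized and unencrypted, like the last sample row, is the case the second recommendation warns about: a single unsecured access point behind the firewall.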

GLAVINICH is an associate professor in the Department of Civil, Environmental and Architectural Engineering at The University of Kansas and is a frequent instructor for NECA’s Management Education Institute. He can be reached at 785.864.3435 or tglavinich@ku.edu.