Wireless networking frees mobile workers from wires and cables, allowing them to collect and view data whenever, wherever they choose. The popularity of wireless networking is broad and continues to grow. The Gartner Group stated in an April 2005 study that by 2015, the average urban citizen in the United States and Europe will use at least six wireless networking technologies per day. read more.
FTA:
“In an effort to shore up against wireless security threats, some companies have taken the extreme approach of banning wireless technology from use. Maybe a good idea in theory, but today’s business environment requires the flexibility and speed that mobile communications offer.”
I love how some writers justify actions. Statements are just a tad bit thin.
“In many cases, it is simply too late to reject wireless technology as it is likely that employees already use it in the workplace – RFID keys, automatic entry systems, cell phones, and possibly even rogue access points – without corporate knowledge or approval.”
Ahhh, so people can break policy and we must just say o’well and just make it legal in the work place.
“Many employees will pursue the benefits of wireless without the blessing of their corporate IT staff. ”
Do the magic words “your fired” mean anything?
“Many employees will pursue the benefits of wireless without the blessing of their corporate IT staff. ”
Do the magic words “your fired” mean anything?
Amen to that.
Like the article has pointed, wireless will be pretty common in employees lives… corporations can pretty much ban all this stuff and alienate their employees (and that may be a good solution for banks and similar business where absolute security is important not just for the business interest, but also a must for their costumer’s data), or try to fix the root of the problem by creating guidelines how employees should use this technology, how they should secure them selfs and how they should secure company’s data. Probably better than waiting something happen and then fire the pour guy with a big “I told you”… It still too late, you data is compromised.
By the way, the article points some good approachs. They’re all good ones, for today. But the truth is, we still need research for better wireless security. Including better interfaces for it.
Do the magic words “your fired” mean anything?
No, but the words “you’re fired” may mean something.
Thank you so much for the grammer lesson. Keep in mind that not all people are native english speakers. Now please feel free to add some worth while content to the discussion (if possible).
I was just enforcing your point, albeit in a correct way.
Wireless security is an oxymoron. Snapes kills Dumbledore. It’s hard enough to get -wired- security (Van Eck phreaking, anyone?).
Is it really that hard to implement a decent security model for a wireless network?
It’s not *that* hard to implement a relatively secure system to do authentication of the employee and encrypt all data with a rolling key (even a unique key per user would be possible).
Additionally, providing a good amount of access points will stop employees from setting up “rogue access points”.
Of course, this isn’t a rock solid setup, but it should be fairly safe for most corporations. I mean, how many unauthorized, unsupervised people are going to be close enough around the area and be able to get a wireless signal *and* a connection before the key rolls over?
The article is authored by Intermec, who provides wireless solutions for supply chain commerce. So it is no wonder they are preaching that wireless is essential to getting any work done.
Are the worst idea ever in a corporate environment. Imagine you give everyone a key ( what you have ) except you can never revoke it or alter it, does that sound like good security?
When ( not if ) biometrics are compromised you can’t just issue the user another token to use and you are screwed. Everytime there is an advance in technology you would have to re-key all of your systems to the new technology. This vs standard what you have/what you know technology that is already out there, already cryptographically secure and mature.
The only time you could say biometrics are a decent solution is when security is important with a large LARGE group of users who are not under your control ( general population ) where hardware tokens just don’t make sense.
I agree if we’re talking about biometrics as a single-factor authentication method. The situation changes somewhat if you’re using it as part of a multi-factor system.
No, because crypography is only as insecure as the weakest link. In this case the entire burden falls on the secondary items ( probably PIN ). Once the biometrics are broken it’s a simple matter of brute forcing a simple 4 digit pin or other short, weak, password. And the long term problem is that without changing to another form of biometrics, you are now reling completly on the secondary authentication method.
So, once again, biometrics is the worst idea for computer security that anyone has come up with.
You’re making far too many assumptions as to the number of factors, the nature of the non-biometric factors, and the role of said biometric factors.
If the system is secure without the biometric factors then there is no rason to use biometrics since it only complicates an already secure system. If the system is NOT secure without biometrics then you are clinging to a false sense of security.
So either way biometrics are not a good idea.
wireless security…. keeps honest people honest….
nothing else to say…
I don’t see why rogue access points are a big deal. If you have the balls to implement wireless at all, aren’t you going to do regular scans of the wireless network to make sure valid AP’s are being used?
Jeez, you could probably right a VB app to do that, and cross reference the results against a database of valid AP’s, then send an alert if another, invalid AP is detected.
Knowing a rogue AP is out there is one thing, finding the AP is another matter entirely.