Security Concerns of Corporate Wireless Networking

Wireless networking offers easy, cable-free connectivity for connecting to the Internet and other network resources. Increasingly, corporate users are installing wireless nodes on company networks to facilitate notebook computer connections, conveniently located network printers, and conference room connections.

In many cases, the wireless networking access points are setup without approval by the IT function, since wireless equipment is easy to set up and requires no special information to configure it for use on most networks. Although wireless networking products contain varying levels of security, most components have security disabled by default. Be careful! When a wireless access point is installed in its out-of-the-box state, the corporate network is opened up to the public, bypassing any Internet connection firewall or other Internet security.

Unencrypted Wireless Networking: A Security Risk

What are the risks of open-security wireless networking? Unsecured wireless network access points allow access to your corporate network by someone who is not physically inside your office. Depending on the range of equipment, someone down the hall, on another floor, or even outside the building could access your network. Hackers can intercept data packets, gathering sensitive information by having access to your internal network. Sensitive corporate data isn't the only (or necessarily the primary) interest to unauthorized wireless network users. High-bandwidth Internet connectivity is a high-demand commodity.

Hackers using a laptop with scanning software participate in "war driving", a method of locating open wireless networks in business and residential areas. Often the mapped results are posted on the Internet to let others know where they can find an open high-speed connection to the Internet. In addition to the bandwidth drain due to unauthorized use, there is a legal concern with the content that may be transmitted to the Internet using your corporate network. Transmission of illegal copies of digital media and other inappropriate material could put your company at risk.

Protecting Your Wireless Network

What can be done to protect your network, but still allow the benefits of wireless networking? There is virtually no way to completely secure wireless networks. The most a company can do is minimize the access rights that a wireless network has in reference to their corporate network. Companies should treat wireless networks with the same degree of security as they treat SOHO networks for employees working remotely. There are various tools for helping to secure a Wireless network including intrusion detection systems, authentication systems, and encryption systems.

A good first step would be to publish a corporate policy on wireless networking. Let employees know that they will be required to activate the security features of the wireless networking equipment. Securing the wireless devices is the best first step to protection as encrypted transmission is a standard feature of most wireless components. How can you make sure that any wireless equipment on your network is secure? Have your IT department or Leapfrog scan for open wireless network access points on a regular schedule. Design standard network segments for remote access and use perimeter security policy to reduce any liabilities. Then setup auditing equipment to aid in tracking down any potential compromises.

Wireless networking offers great convenience, but with the convenience can come great risk. Take the time to secure your wireless networking components and become aware of what wireless network access is available on your network. A little effort will go a long way towards reducing potential security problems.

For more information on wireless networking and minimizing security risks, check out these sites:

Wireless Intrusion Detection Systems-AirDefense
Wireless Geographic Logging Engine
War driving in San Francisco

This article originally appeared in the December, 2002 issue of FrogTalk.