|Take a look around you… no matter where you seem to be, someone is invariably using their laptop or iPhone to surf the web. Whether it be work-related or just checking out their local sports scores, you can usually find someone connected to and browsing the Internet. This is nothing less than a testament to how commonplace wireless networking has become.|
Even with this wide-spread personal utilization of the Internet many companies today still haven’t made the jump to wireless as a workplace solution. This really boils down to security concerns which is totally understandable considering there is no shortage of horror stories about professional thieves hacking into these networks and stealing valuable customer and proprietary company data.
If you or someone you know is considering a wireless solution, here are a few points from various experts across the field to help you keep it secure while still providing the resources required to get your business goals accomplished.
Authentication: This is an absolute MUST! Nothing less than strong authentication will due in any work environment. There are many older, weaker authentication technologies like MAC (Media Access Control) and PSK (Pre-Shared Key) which will leave your network vulnerable. This is primarily due to the fact they mainly use access rights to determine a user’s identity, therefore, the higher the level of access associated with a particular identity… the greater the potential damage that could be inflicted. Strong authentication policies leverage the EEE’s 802.1X framework, which was ratified for use with wireless LANs in December 2004. This particular framework allows for per-user authentication which provides options for securely exchanging such items as usernames and passwords over the air using a form of EAP (Extensible Authentication Protocol), the standard for secure, encrypted information transfer.
Authorization: Authentication provides a “yes/no” response over EAP encryption identifying to the network whether the individual connecting is accepted or not. Authorization (otherwise known as access control), however, demonstrates that person’s identity using a rich set of enforcements and conditional restrictions. Utilizing strong authorization techniques such as user type delineation, end point integrity checking and allowed location are critical because they help “prove” who a user is above and beyond the username/password/key they provide. Pretty simple if you think about it right?
Accounting: This is something many network technicians and, in some cases, engineers omit when designing their wireless solutions. Regardless, this should certainly be a part of your deployment plan. Accounting collects and can report on critical network usage information such as user identities, connection start and stop times, amounts of data received and sent and quite a bit more. This too should be a “no-brainer” as it can provide extremely valuable information to any company should a suspected breech or theft arise. This information can easily be used to track down who did what, at what time and from where… SNAGGED!