Enterprises continue to battle the installation of
unauthorised, wireless Lan access points (AP) on corporate networks
by employees who are unaware of the security risks.
Tom Dillon, manager for mobile and wireless at Hilton Hotels,
said the management of a Hilton hotel he recently visited assured
him that the property's network had in operation only six
authorised WLan APs. Dillon said he set up sniffer software and
detected 15 APs at the hotel.
He said this illustrated the continued proliferation of rogue
APs, which IT managers need to battle with strict policies.
Dillion also called on companies to institute strong
authentication policies to ensure that only authorised users can
gain access to wireless networks carrying sensitive business
information.
Enterprises need to govern the use of WLan client devices, which
can be used in an insecure mode on home or public-access WLan
systems.
Hilton now requires that WLan clients, such as cards in laptop
computers, be disabled when the laptop is connected to the wired
enterprise Lan to prevent injection of Trojan horses picked up when
the laptop was hooked up to a home network.
Joe Przeporia, an IT manager at Cargill, said his company's many
business units, including manufacturing plants, use such a variety
of WLan and fixed wireless technologies "that we are not [yet]
equipped with it at a corporate level".
Przeporia added that Cargill has started to develop high-level
corporate policies to deal with WLan security, including rogue
access points.
Overall, WLan use and security policies will remain a paramount
concern for business as high-speed, over-the-air network systems
continue to gain market share.
Gartner estimated that sales of WLan chip sets (used in both APs
and client devices) totalled 18 million units in 2002, and it
predicted that sales will hit 50 million units by 2006.