Establishing the balance between effective security and
business benefit poses a major challenge for the IT department.
Alison Connolly reports
As businesses increasingly take for granted the ability to give
employees access to office systems while they are on the move,
wireless computing will pose an escalating support and security
challenge for CIOs.
Analyst firm Gartner warns that by 2009 there will be a
fundamental shift in the economics and value of the voice
connection. It predicts that voice over IP and wireless will
dominate and 99% of new voice connections and 70% overall will be
wireless.
IDC research shows that 66% of the European working population is
equipped with mobile devices and predicts that by 2007 there will
be 99.3 million mobile-enabled workers in Europe.
The driving forces, however, are changing. Forrester Research
analyst Ellen Daley said that 60% of companies have wireless access
to e-mail. The trend is for companies to adopt mobile applications
more quickly. "Line-of-business applications will become more
prevalent," said Daley. "Currently 25% of companies have adopted
them and we expect that to increase by 10% by the year-end."
The management and security of devices has become a big headache
for IT departments. "The converging capabilities of these different
devices means CIOs cannot afford to differentiate in the level of
consideration they give to each device," said Mike Small, director
of e-trust strategy at CA.
"This will alter perceptions across the board in terms of what
constitutes technology infrastructure," he said. "A smartphone or
even an MP3 player connected to the network raises security and
data management considerations that cannot be ignored. We may not
see the total eradication of differentiation between devices until
2007, but this is already a concern confronting CIOs."
RSA Security's annual wireless survey shows the wireless uptake
in London has grown by 62% over the past year, but 36% of London's
businesses are leaving their Wi-Fi networks open to attack.
Wireless devices enter organisations either by sanctioned use or by
employees bringing in their own devices. Companies need to have a
wireless policy even if their IT strategy does not include going
down the wireless route.
Daley shares the concern of many in the industry that the major
risk is from employees connecting their own wireless devices to the
network. "One company said it had no wireless in the company so
therefore had a 'no wireless' policy, but on investigation it was
found that 42 access points were placed around the offices."
Managers need to wake up and start managing mobile devices, she
said. "This is the trigger year because as line-of-business data
gets on to handhelds, IT will have to manage and secure these
devices." And it is the smaller companies that are most at risk,
she warned. "Typically, companies with more than 1,000 access
points have good policies."
Security concerns focus on loss of data, interception of
communications via rogue access points, and external access to
internal wireless points. Although these threats can be dealt with
through encryption, strong authentication and virtual private
network connections, the biggest concern for companies should be
how to manage mobility, with a clear understanding of the
consequences of losing a mobile device.
Wireless computing presents the classic security dilemma. The
perceived value to the business is sufficiently high that security
specialists will not be able to prohibit its use but they will be
expected to find ways to enable it to be used securely. This is
largely down to management.
Managed mobility services are available from organisations such
as BT, Hewlett-Packard and EDS, with all the devices managed from
purchasing through to first-tier support and security.
Alternatively, products specifically designed to manage remote
devices offer the ability to remotely lock and wipe any smartphones
or feature phones if they are lost or stolen.
A survey by Websense which looked at the security risks posed by
laptop computers revealed that 86% of workers admitted to
downloading "non-work" software while out of the office - a
statistic that would worry many IT managers.
Websense said, "Mobile phones and PDAs are advancing at a rapid
pace and will soon hold similar value, in terms of information, to
laptops. It is important that companies act now to protect remote
devices within their IT infrastructures."
Handheld devices can also be infected by mobile viruses. Trend
Micro figures show that since the first mobile worm in August 2004
there has been a steady rise in the amount of mobile malware. The
Cabir worm and its variants ran natively on the Symbian 60
operating environment, which accounts for more than 80% of the GSM
mobile phone market.
But the latest threats target newer technologies such as MMS,
and the ability to surf and download e-mail attachments to mobile
phones. Trend Micro warns that this threat will grow with new
technologies, especially those geared towards high mobile
bandwidth, such as Wi-Fi, Edge/GPRS, 3G/UMTS and Wi-Max.
The future of converged voice and data communications is evident
in the new products and services offered by telecoms firms and
internet service providers.
Last November Intel announced the deployment of Wi-Max networks
by 13 carriers with the promise of wireless broadband access. Since
then other carriers have joined the group. Airspan is one of the
companies providing Wi-Max-based broadband wireless access networks
and carrier-class VoIP products.
Its purchase of Finland's Radionet Oy last November confirmed
its belief in the Metrozone environment - a mixture of Wi-Max and
Wi-Fi technologies - as the most flexible combination of access and
backhaul for IP-based voice and data services. Airspan plans to
replace BT's Fusion with a Wi-Max offering of converged
communications to small firms, homes and enterprises.
As the infrastructure strengthens, the range of hotspot
connections available is multiplying. Michael Marsanu, chief
technical officer at Funkwerk Enterprise Communications, said, "It
is estimated that T-Mobile has more than 6,000 hotspots up and
running in Europe alone. And by the end of next year market
researchers predict that there will be more than 35,000 hotspots in
Europe. With the advent of VoIP technology, the chances are that
end-users will want to make or receive VoIP calls in a
hotspot."
Joe Brunoli, vice-president of hotspot market development at
free-hotspot.com, said, "About 95% of all laptops and PDAs are now
being shipped with wireless connectivity included. Adding to this
demand for Wi-Fi will be the introduction of Wi-Fi-enabled mobile
phones. These will allow users to make free VoIP phone calls in
hotspots using Skype or other internet-based VoIP service
providers."
Google offers such a service, and has announced an investment
with Skype in a new company called Fon, which aims to create a
worldwide network of Wi-Fi users who share access to their
hotspots.
Free-hotspot.com has launched a free hotspot directory and
online advertising network aimed at advancing the use of free
Wi-Fi, and plans to provide a free Wi-Fi service throughout Europe.
Brunoli said, "Voice over Wi-Fi phones will drive a move toward
free hotspots, as people with these phones will want to use them
wherever they go."
He warned that a hotspot that is encrypted or requires
authentication will not support universal access. "The mobile
carriers that have their own paid hotspot networks will allow their
mobile subscribers to use their hotspots, but if you have T-Mobile
as a mobile phone provider, you would need to find a T-Mobile
hotspot. Otherwise you will be subject to roaming fees. A free
hotspot will allow anyone to use its Wi-Fi network to make free
phone calls."
Jay Saw, hotspot manager at T-Mobile, said there are several
ways users can connect to hotspots. "Passes can be bought online
that provide a log-in code when the user first accesses a hotspot.
These passes can provide connectivity for an hour, a day etc, which
are ideal for very infrequent users. For more regular mobile
workers it is possible to sign up to pay monthly tariffs with
network providers."
A number of train services offer internet connectivity and some
petrol stations are also providing hotspot access.
The latest focus for the wireless world remains evolving
standards to increase the power and bandwidth of the technology as
well as addressing security issues. James Walker, product manager
for wireless Lan and security at Zyxel, said, "The move to a
standard based on Mimo technology will be 802.11n. This will offer
greater throughput and ranges than the existing 802.11a/b/g
solutions.
"It will use the same frequency and channel width as existing
802.11a/b/g technologies." Experts predict that by the end of the
year we will start to see the first of these products following the
publication of draft standards.
Read article: Wireless special report: Manage the
explosion