BT has become one of the first large organisations to
roll out blocking technology to prevent its 60,000 staff logging on
to unofficial wireless networks that could expose the firm to
hacking and virus attacks.
The company is deploying technology from Airdefense to detect
and block wireless networks which are either installed by staff who
are unaware of the security risks, or which are accessible on BT
sites from nearby buildings.
The project will allow BT staff the flexibility to work at
multiple locations using wireless enabled laptops and mobile
devices to securely access e-mail, customer records and other work
applications.
Ray Stanton, global head of security at BT, said that the
technology will allow BT to meet the same security compliance
standards with mobile networks as it meets with fixed networks.
"If you have to provide a level of assurance about your
compliance needs, how do you do that? Most companies know how to do
it in a fixed infrastructure. You have to provide that same level
of service in wireless," he said.
BT has rolled out wireless sensors to 15 of its 21 UK sites, and
is planning a phased roll out to sites in Europe and the US over
the next 12 to 19 months.
The deployment has identified several cases where BT staff have
deployed unofficial wireless network devices, which could expose
their laptops to malicious code or other attacks.
BT has also identified several malicious wireless hotspots that
appear to have been planted by hackers and has begun
investigations.
"The organic life-form still remains the biggest threat. It has
show us that inadvertently people are messing things up. But we are
educating them what not to do," said Stanton.
BT began scoping the project last year, before going through a
long technology selection process and selecting Airdefense.
Because wireless technology is generally immature, Airdefense
needed to solve some technical problems before the technology was
rolled out.
Stanton said that one of the difficulties facing companies that
wanted to deploy wireless security is that there is a shortage of
IT staff with wireless security skills.
"You need to have the right technical staff with understanding
of wireless. Do not just treat it as another network. Understand
who is qualified with radio frequency expertise," he said.
Mobile security falling short
www.computerweekly.com/220124
Comment on this article:
computer.weekly@rbi.co.uk