64% of companies are neglecting their wireless LAN security

Those are chief among findings from a study by the Enterprise Mobility Solutions business of Motorola. It also shows that more than half of large companies use the same security measures for both wired and wireless networks – despite the different threats and weaknesses. In fact, just 47% of companies are using WEP or WPA encryption on their wireless networks, and less than a third (30%) are using any form of wireless intrusion prevention system. "Companies would be naive to use the same security mechanisms for wired as well as wireless LANs," comments Amit Sinha, fellow and chief technologist for Motorola Enterprise Wireless LAN. "It's surprising that companies today are not using wireless encryption standards like WPA2. "The cost of a data breach is $200—300 per compromised record, an order of magnitude more than the cumulative cost of security technologies to prevent exposure. Prevention is always better than cure." Sinha makes the point that IT teams face many security problems for wired and wireless networks, so need to be aware of the need to treat these networks differently. 79% of organisations, for example, promote good security practise by using IT policies across their companies, yet 51% have no way of enforcing these policies across their networks. Further, with employees increasingly mobile, outdoor networks and wireless hotspots may present a security back door into the network. Indeed, 56% of organizations apparently believe that employees flout security measures by sending corporate data over unsecured wireless networks. "Wireless introduced vulnerabilities in the corporate network that traditional security architectures cannot mitigate," observes Sinha. "A layered approach to securing the airspace that comprises of strong authentication and encryption built on industry standards, such as WPA2-Enterprise along with 24x7 wireless monitoring and intrusion prevention, is required."