Wireless security needs education and strategy

Wireless leaders BT, Cisco and Intel are joining forces to educate users on wireless security and to push through common standards. As wireless networks proliferate, they say, harnessing wireless security is becoming far more important. Users need to take action to address new, and often unnoticed challenges, they warn. The trio emphasises that standards are key to this – enabling industry to develop products and services that work together. Last month they issued common guidelines and advice focusing on three areas: enterprise networks, home wireless networks and public wireless networks. On the former, they say that companies need clear performance objectives. They should also not only to go for regular testing and updating but pursue education so users understand policy and their own responsibilities. Ian Hughes, wireless consultant with BT, says: “There is no black magic to this. It’s very straightforward, but people are put off by the apparent complexity. So it’s very important for them to understand that it is something they can look after.” In terms of standards, there are several: WPA, WPA2 and IEEE 802.11i. BT, Cisco and Intel have worked with others in the wireless industry to agree that IEEE 802.11 is the standard for wireless security, while the 802.11i variant provides the strongest and easiest authentication and encryption. The latter is being used by the industry as the common security framework for developing products and services. Hughes suggests a goal should be a security ‘traffic light’ system on PCs indicating the current resilience of the infrastructure. Nevertheless, Hughes insists “it all comes down to companies’ security policy based on what they have and what they need to protect… The real goal is to have the security default as on: with the previous standards and technology problems that wasn’t possible; now it is.”