Welcome to Brainstorm!
The proliferation of wireless networks supporting roaming workers, guests, and occasional users requires a number of new measures to identify and shut down vulnerabilities before security breaches can occur.
What data security threats will be the most prevalent in 2009 and what security tools are available today to protect company networks against such intrusions?
By Carlos Solari, Vice-President Security and Reliability Office, Alcatel-Lucent
We see a number of sources for security threats that are already apparent that will grow proportionate to the growth of e-commerce. Vulnerabilities in the complexity of Internet Protocol (IP) based systems (such as with Web 2.0 and wireless broadband) can become the opportunity for these sources, and we expect them to continue to be prevalent in 2009 and beyond.
Web 2.0. - More and more information and applications from individuals and companies are being delivered in the cloud and usually via a third party rather than behind firewalls. Often, these third parties deliver services for free (or near free) in exchange for information they can use for target marketing. This results in a blurring of boundaries between what is public and private, and it raises the question of whether these third parties can maintain satisfactory boundaries and security.
Convergence - There is complexity inherent in making voice, video and data work together over the same IP infrastructure. IP is inherently vulnerable and with physical isolation in IP networks no longer possible, creating vulnerabilities that can be easily exploited.
Wireless Broadband (3G/4G) - These next-generation broadband wireless technologies pose a new set of challenges for security because they deliver services across the full range of voice, video and data that operate together in the shared medium of an RF signal where one bad connection can impact traffic for all the participants on the same radio access network.
Solutions - Possible solutions are difficult to arrive at today because there is a scarcity of metrics and very little means to even gauge the size of the problem. A potentially effective means involves making security integral to the original design of devices. However, security measures typically rely on physical and perimeter isolation provided by a set of aftermarket technologies (firewalls, detection and prevention systems) implemented as an add-on to the device, often leaving the user to cobble together a solution. At a high level, standards need to be adopted that provide for greater security to be built in at the original design and development phase. In the meantime, a number of solutions have emerged that are steps in this direction, and they go a long way to providing requisite security.
Non-Stop Laptop Guardian - The Non-Stop Laptop Guardian provides a way for IT staff to fully protect off-site laptops by ensuring that the laptop and its data remain visible and accessible to the enterprise 24/7, even when the laptop is off the network, offline or powered off. It was developed to address the issue of increasingly mobile enterprise employees who connect to the Internet from remote locations using company laptops without going through the security infrastructure of the enterprise, creating a security threat when they connect back to the enterprise network.
Wireless Network Guardian - The Wireless Network Guardian combats the challenge of detecting increasingly complex security threats on wireless data (IP) networks by providing new detection methods for signaling attacks, spectrum manipulations and mobile endpoint compromise, and a means for surgical mitigation to protect the bearer and signaling path and the subscriber's handset, and to preserve valuable air resources.
By David Aylesworth, Senior Director of Marketing and Product Management, Fortress Technologies
Attacks on wireless networks will likely be a prevalent data security threat in 2009. Wireless technologies are used today for everything from supporting mobile users within an enterprise or campus to creating temporary wireless mesh networks for public safety and military use. Forward-looking organizations understand the benefits of using wireless technologies to bring applications and information to those who need it, when and where they need it.
Wireless networks that are not secured at all, or are secured by legacy standards like WEP, are most vulnerable. Even networks protected by the WPA (Wi-Fi Protected Access) standard are vulnerable to attacks on weak (easily guessable) pre-shared keys.
Fortunately, the latest wireless security standards are strong enough to safely support both commercial and government use. The WPA2 security features that are based on the latest IEEE 802.11 standard provide strong authentication and encryption using the Advanced Encryption Standard (AES). WPA2 security is endorsed by the National Institute of Standards and Technology (NIST) and mandated by U.S. Department of Defense (DoD) for wireless LANs. Network administrators should look for wireless equipment that has been certified by the Wi-Fi Alliance for WPA2 interoperability and evaluated by NIST under the FIPS 140-2 Cryptographic Module Validation Program. This will ensure interoperability with other certified Wi-Fi products, as well as provide confidence in the security of the cryptographic implementations.
Wireless Design & Development
©
2012
Advantage Business Media
|
