Wireless safety has commanded a large amount of attention in previous days, but recently the buzz has subsided. Yet, the security of wireless networks still remains an issue. This article discusses the vulnerabilities still prevalent in the wireless world.
Perhaps the major overall growth area in networking is wireless. Companies and consumers are putting more data on the air every day. Wireless safety still is a big issue, of course, but it doesn't seem to be getting quite as much hype as it was a year ago.
Safety at public hotspots rightfully gets the most attention. This vnunet.com piece, which reports on a study from Sophos, strongly suggests that a parallel problem is afoot. Insecure home networks, the piece says, are being illicitly used by outsiders. The study says that 54 percent of those surveyed admitted to illicitly horning into other folks' wireless service.
This would seem to be largely an ISP/consumer problem. The corporate angle is strong, however, for two reasons. One is that people store corporate data on their home computers, and it is vulnerable if the network isn’t protected. The other reason that this is worrisome is that a good portion of home PCs and MACs are connected, at least part of the time, to the corporate local-area network (LAN). Thus, the laziness or ignorance of home users can end up creating a big back door opportunity for hackers.
Perhaps the consumer media is beginning to revisit wireless security. A couple of articles have recently appeared in prominent places. BusinessWeek, in the form of a question from a reader about using Wi-Fi at trailer parks, gives a nice overview of the differences between the Wired Equivalent Protocol (WEP) and Wi-Fi Protected Access (WPA). USA Today has a similar instructional piece. That story - a bit longer than the BusinessWeek effort - discusses the importance of encryption, the dangers of evil twins and discourages people from doing sensitive things from a hot spot.
Like many other security issues, a little attention can go a long way. Indeed, there are four steps that can be taken with fairly little trouble that greatly enhance the security of a WLAN. They are outlined nicely in this post at Network Liquidators. The four steps: rename the Service Set Indentifier (SSID); stop it from broadcasting; enable media access control (MAC) filtering and encrypt.
Consumer Wi-Fi isn't the only potential trouble spot. Companies also face challenges in their use of wireless local-area networks (WLANs) internally. AirDefense, in a survey released last month, found that 85 precent of 2,500 wireless devices it scanned at 3,000 shops in the United States and Europe were not secure.
Wireless, of course, is here to stay. The glare of the consumer industry is fleeting, however. IT managers must worry about WLANs from a number of angles, whether the concerns are splashed across the front pages of newspapers or not.
United, Internet Users Stand; Divided, We End up at Phony Sites
Last week, news hit of a vulnerability in the Domain Name System that, if exploited by hackers, could lead surfers to phony Web sites. The flaw was found by Dan Kaminsky, the director of penetration testing for IOActive. Kaminsky tells IT Business Edge’s Carl Weinschenk that the potential severity of the problem led vendors and researchers to work together to create the patches that now are available.
Defining Virtualization's Role in Regulatory Compliance
Greg Shields, an independent IT author, speaker, consultant, and columnist for Virtualization Review Magazine discusses how compliance and virtualization are related. He shares insight on how virtualization managment tools can play a part in compliance and how that works.
Virtualization Thrives, Security Struggles to Keep Up
VMware has acknowledged a "critical" vulnerability in shared-folder configurations on Windows-hosted VMware software. The bugs lets users of a guest system access host system folders. VMware has not yet released a patch. Virtualization is definitely the server technology of choice, yet security is still a priority.
