Will wireless ever be secure enough for the enterprise?

If wireless was simply a matter of business expedience, and we ignored security concerns, it would be as ubiquitous today as laptops and mobile phones. But guess again. Most companies are holding back on deploying wireless because they're not convinced wireless can be made secure, or be made secure at a cost they can afford.

Are the holdouts right, or are they sticking their heads in the sand while competitors deploy wireless and gain an edge? In other words, what do early wireless adopters know that others should know?

First, early adopters know that wireless is an extension of the company's existing IT infrastructure, and not a stand-alone feature. They know that wireless follows the same basic security architecture of the enterprise - including an access control system that identifies users and devices; controls access to specific systems, applications and data, and is flexible and broad enough to cover all identity needs.

Second, savvy wired enterprises recognise that they must have a security policy in place that discriminates between different levels of security for different kinds of applications and user needs. Higher level applications like financial, human resource and ERP systems require end-to-end encryption and airtight security.

Wireless LANs like Wi-Fi, which are now built on IEEE industry standards, can be used for these kinds of high-end applications, but need to be part of a separate network segment that allows for wireless authentication and identity management, similar to requirements for wired users.

Third, the wireless enterprise needs to leverage existing public wireless networks where they make sense - from a business and security standpoint.

This includes Wi-Fi networks in airports, hotels, and convenient locations like Starbucks - and providers, like Blackberry, which are offering excellent value for limited wireless applications, like e-mail and short messaging.

Since these public wireless networks are breakable, IT administrators need to weigh the advantages of using less than perfect security for limited applications that appeal to most users, like e-mail and short messaging.

A mobile sales force, for example, should be able to access internal product data to serve customers easily and conveniently, but perhaps not sales and inventory systems. They should be able to complete customer orders without having to return to a secure location.

Finally, the savvy wireless enterprise should look for wireless partners who can provide enhanced security and packaged services at reasonable cost.

Clearly, the future belongs to wireless, given the big advantages. The question for those who are still on the sidelines is how to build out enterprise IT to include wireless in ways that benefit different types of users and don't add undue risk and cost to the business. This may not be easy, but it's quite doable.

Con Yianakos is manager, IBM Tivoli Security Software, ANZ

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about ANZ Banking GroupBlackBerryIBM AustraliaIEEEStarbucksTivoli

Show Comments