Students Notes

Disha

Library Database

VPM Campus is Wifi Enabled
| | | |

 

Know the hidden risks of Wi-Fi
SUMIT DESHPANDE

ET CONTRIBUTORS[ THURSDAY, MARCH 09, 2006 01:44:44 AM]

Most of us in the business world today, especially those who travel, can’t live without our laptops and readily available Wi-Fi connections. All new laptops today have Wi-Fi built in as a default configuration and if you want one without wireless, it’s a special order. Our world has certainly changed.

Wireless networks offer tremendous benefits, but also present significant risks, particularly around ‘end-point security.’ As more and more mobile workers use their laptops to connect to corporate and public Wi-Fi networks, IT departments — as well as end-users — will need to be aware of the risks and implement the right mitigation plans.

Most Wi-Fi security stories focus on the over-the-air (OTA) data encryption, wireless access control, or intrusion prevention. Although these are important issues, there are hidden risks with wireless that may not be well known, but still present some serious security challenges.

Two of them are (a) working in ad hoc mode and (b) dual homing — the simultaneous connection to two networks.

Wireless Network Interface Cards (NICs) operate in two modes — infrastructure and ad hoc. Infrastructure mode is when you connect to an access point, perhaps in your office, at home, or at a public hotspot. Ad hoc mode allows you to make your laptop behave like an access point and have others connect to you through a peer-to-peer wireless connection.

Wireless laptops in ad hoc mode are prime targets for hackers to connect to and steal information because it is easy to do so and almost undetectable. Interestingly, many users inadvertently have their wireless NIC set to ad hoc mode by default because that’s how the laptop manufacturer set it, or they may have turned it on before but forgot to switch back to infrastructure mode.

An even scarier scenario occurs when a hacker sets his laptop as an ad hoc connection with the same name as a legitimate network, causing unsuspecting users to connect to it thinking it is a valid Wi-Fi network, and divulge important information such as passwords or credit card numbers.

Wired + Wireless Dual Homing

Most laptops today have two NICs — one for a wired connection (Ethernet, dial-up) and one for Wi-Fi. This enables the laptop to be dual homed, or connected to two networks at the same time.

If the Wi-Fi card is set to ad hoc mode, and the user logs on to the wired network, hackers can easily connect to the laptop via the ad hoc mode and then get access to the wired portion of the enterprise network using the dual homed laptop as a conduit.

Here are some simple steps to help you avoid these risks:

1. Turn off your wireless ad hoc mode, and don’t connect to other ad hoc networks, unless you have a very good reason to do so — perhaps to exchange information among trusted people in a secure meeting room. The rule of thumb, however, should be: don’t use ad hoc networks!

2. Before connecting to your corporate wired network, disable your wireless card, or check that your wireless NIC isn’t in ad hoc mode and isn’t connected to any wireless network.

3. Ask your IT department for the corporate wireless usage policy, and adhere to it. The policies are intended to protect corporate information and all mobile users share that responsibility.

And here are some things IT departments can do to ensure secure and manageable wireless computing:

1. Don’t look at wireless as a separate island of technology; it is an integral part of your enterprise.

2. Enterprise IT management must include the security and management of wireless end-devices — both in connected and disconnected modes. 3. Utilise a comprehensive enterprise management solution that provides automatic policy enforcement across wired and wireless systems.

Network connectivity will continue to be a hybrid of wired and wireless. Adhering to best practices will help secure our devices and prevent corporate information from being compromised. So, the next time you connect to a Wi-Fi network, make sure you’ve taken care of the hidden risks before you launch into the wireless cyberspace.

 

The author is VP, Office of the CTO,
Computer Associates



©Bennett, Coleman and Co., Ltd. All rights reserved