Wireless kit must be secure 'out of the box', say experts

    Date17 Apr 2007
    Posted ByBrittany Day
    IT departments should put pressure on suppliers to step up the security of wireless access technology devices.

    This will enable the technology to take off in the corporate world, delegates at the Infosecurity Europe conference will hear next week.

    John Meakin, group head of security at Standard Chartered Bank, said that until suppliers began offering wireless devices that were secure "out of the box", businesses would remain cautious about rolling out the technology.

    "Wireless networking is so fundamental to the way we will use IT in the future, it is a must-have. The wireless industry needs to go through the same conversion on the road to Damascus with security that Microsoft went through," he said.

    Meakin said that it was "absolutely essential" for suppliers to produce equipment that has security switched on by default. He said it was also crucial that technologies be easy to configure even by non-specialist staff.

    Phil Cracknell, UK president of the Information Systems Security Association and director of technology assurance at Deloitte, said that large firms with the technical skills to configure wireless networks securely were frequently left exposed because they left some purchasing decisions to be made locally.

    "I have had two or three clients that have suffered from problems. Where temporary offices need to be set up, non-experts can often buy and install items like an access box," he said.

    Equipment may also lose its secure configuration when there is a problem and revert back to an insecure default state, he warned.

    Suppliers needed to be more helpful by delivering technology that was secure by default so that if anything happened it would automatically default to its secure status, he said.

    Wireless networks were often the weakest point in an organisation's IT systems, Cracknell said. "If I were attacking an organisation, I would not try social engineering or paying a cleaner to insert a memory stick. It is much easier to sit outside the office in a car," he said.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Has your email account ever been pwned in a data breach?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.