The ideal setup? PARC's Smetters says it's a wireless network isolated from the rest of the company's regular local area network (see
Ultimately, though, the main weapon in the CIO's security arsenal against insecure wireless LANs is the VPN. Virtual private networking software is invariably used whenever employees dial in remotely over the insecure Internet, and experts and users say the same should be true for wireless LANs. For Dave McLean, network systems engineer for the City of St. Petersburg in Florida, that meant ordering up additionaland often expensivesecurity software. "We consider the 802.11 to be [insecure], and we put a VPN on top of it," he says. Though some experts point to the additional cost of VPNsfor large companies with no such security, for example, it could be millions of dollarsMcLean maintains it can be worth it.
Besides getting a level of security protection it didn't have before, the city is also saving money. Its move to use wireless LANs to link together buildings formerly connected by frame relay and cable modems is saving city taxpayers thousands of dollars in huge monthly communications bills. McLean says the city expects to see the full payback on its multimillion-dollar investment within 18 months of installation. Says McLean: "It's too late to plug holes in your system once data has already leaked out. The ROI when it comes to security is, ultimately, the theft that didn't happen."
CIO Insight Copy Chief Debra D'Agostino contributed to this article.