Ideal Solutions

By Gary Bolles  |  Posted 07-19-2002 Print Email

Ideal Solutions

The ideal setup? PARC's Smetters says it's a wireless network isolated from the rest of the company's regular local area network (see figure), connecting only where security devices like concentrators can block unauthorized access. WEP should be turned on, and access points should have obscure code names, set so they're not broadcast to the world. Access points should be placed carefully to avoid spreading their signals outside the office. And every employee using the wireless network should have personal firewall software installed on his or her computer.

Ultimately, though, the main weapon in the CIO's security arsenal against insecure wireless LANs is the VPN. Virtual private networking software is invariably used whenever employees dial in remotely over the insecure Internet, and experts and users say the same should be true for wireless LANs. For Dave McLean, network systems engineer for the City of St. Petersburg in Florida, that meant ordering up additional—and often expensive—security software. "We consider the 802.11 to be [insecure], and we put a VPN on top of it," he says. Though some experts point to the additional cost of VPNs—for large companies with no such security, for example, it could be millions of dollars—McLean maintains it can be worth it.

Besides getting a level of security protection it didn't have before, the city is also saving money. Its move to use wireless LANs to link together buildings formerly connected by frame relay and cable modems is saving city taxpayers thousands of dollars in huge monthly communications bills. McLean says the city expects to see the full payback on its multimillion-dollar investment within 18 months of installation. Says McLean: "It's too late to plug holes in your system once data has already leaked out. The ROI when it comes to security is, ultimately, the theft that didn't happen."

CIO Insight Copy Chief Debra D'Agostino contributed to this article.


Submit a Comment

Loading Comments...