Home » Data Protection » Wireless/Mobile

Opinion

Wi-Fight It?

CSOs struggling with wireless need an attitude adjustment.

By David H. Holtzman

September 01, 2003 — CSO — Security, like other bastions of business, prefers conflict to conformance when first faced with a new technology. Wi-Fi is no exception. In fact, wireless devices have received a corporate welcome every bit as warm as the one I reserve for the long-distance companies that interrupt my dinner to save me a nickel. However, like it or not, remote access technologies are infiltrating the enterprise and will change the direction of corporate security.

Technology adoption as discussed by CIOs and CFOs can sound methodical and leisurely, like a foursome chipping and putting their way through a deserted back nine on a late August afternoon. CSOs know better. Trendy electronic gizmos are the ready golfers of the workplace, driving their way through the corporation and sinking IT procedures in their wakeexecutive gifts the first year, management perks the next and the subject of Dilbert cartoons thereafter. This is the point where smart CSOs choose to remain noncombatants. They know assimilation is inevitable, especially as the devices devolve into features integrated into other products such as Intel's Centrino chip with built-in Wi-Fi. Another embedded remote technology is RFID chips, which will almost certainly replace bar codes for inventory controlproviding a new headache for information security.

Protecting network space, where information is distributed across multiple machines, is a mammoth task. Comprehensive protection requires validation of every action and recurring authentication of each participant. Network space will never be safe because there are too many points of access. Locking up a few tapes or bolting down a computer room is a manageable process, but validating every piece of executing code on a network is not. Especially when much of it is provided by vendors and unaccompanied by source code. Sure, applications provide authentication mechanisms, but they will never be foolproof. Like the antiviral programs, they will always be reacting to the last exploit, not anticipating the next.

Wi-Fi makes it harder to constrain intranet access because physical proximity is all that it takes to circumvent a firewall. "War-chalks" on sidewalks and buildings showing the overlap area of someone's network access point have become common sights. RFID tags may not jeopardize assets, but they do provide insight into inventory if someone gets close enough to scan them. The presence of some tags can give away a secret ingredient for an industrial formula; an unexpected quantity of others may indicate expansion plans. Even the absence of some items may be noteworthy.