Many employees in our enterprise handle sensitive data on a daily basis, so having secure network connections is...
of the utmost importance. Up until now, we've only used Ethernet-based network connections, but there has been increasing pressure from business managers to install wireless. Can a state-of-the-art Wi-Fi connection really be as secure as an Ethernet connection, or would sending so much sensitive data over a wireless network be asking for trouble?
It is true that a wireless network connection can be just as secure as a wired connection? While many organizations once shied away from wireless networks due to perceived security risks, just about everyone has come around and now offers at least some wireless connectivity in the enterprise. Wireless network access is simply too powerful a productivity tool to limit it outright.
That said, wireless networks must be properly configured in order to ensure they are secure. When comparing wireless vs. wired security, securing a wireless network is even more important than securing a wired network for one simple reason: Accessing a wireless network does not require physical access to a network jack or cable, as does accessing a wired network. Wireless networks use radio transmissions to carry data between end users and the network and it is difficult to contain those radio waves. Therefore, it’s possible for someone to sit in your office building's lobby or parking lot and eavesdrop on wireless network communications.
Ask a question
Have questions about enterprise network security? Ask expert Mike Chapple! (All question submissions are anonymous.)
The answer to this problem is to use strong encryption to protect data transmitted over a wireless network. Encryption uses ciphers to scramble the data sent between the end user’s computer and the network in such a way that it is indecipherable to anyone other than the legitimate end user.
Wireless networks support two major types of encryption, Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). As I’ve written before, it is absolutely critical that WPA encryption is used on enterprise networks, as hackers have demonstrated significant vulnerabilities in the WEP algorithm that render it completely useless from a security perspective.
The key takeaway regarding the wireless network security argument is that by installing WPA security on a network, it can be relied upon for secure connectivity between wireless systems and a corporate network, and should certainly be at the top of any organization's list of wireless network security best practices.
In terms of how wireless network security compares to that of a wired network, theoretically Wi-Fi should be just as secure as a wired connection, but that's what security experts thought five years ago when WEP was the prevalent wireless encryption protocol, and it of course turned out to be relatively easy for skilled hackers to bypass. The bottom line is that radio communications are likely always going to be more susceptible to eavesdropping than wired communications, so enterprises should account for that risk and plan their network architectures accordingly.
Related Q&A from Mike Chapple, Enterprise Compliance
The HHS security risk assessment tool is designed to help healthcare providers meet the HIPAA security requirement. Expert Mike Chapple explains how ...continue reading
PCI DSS requirement 6.6 demands application security compliance through one of two options: an application firewall or a code review. Expert Mike ...continue reading
Are HIPAA-compliant hosting services a better option for compliance than a secure storage API? Expert Mike Chapple analyzes.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.