
Putting price and vendor prestige before security is a recipe for trouble in wireless

Most users looking to inject wireless into a moderately sized company base their selection criteria on price and vendor profile.

When most small-to-medium-sized businesses go shopping for a wireless solution, network security may not be at the top of their list of requirements. Unfortunately, most users looking to inject wireless into a moderately sized company, or even a remote division of a larger corporation, base their selection criteria on price and vendor profile. In short, low cost and brand name are at the very core of most of these deployments.

Price, for example, was an important issue when the IT manager of a large, multinational advertising agency went looking for a wireless solution to link users on multiple floors, and then someday tie this system into the networks of various subsidiaries located throughout the world. Although the company's wired network is primarily based on Cisco equipment, the team assembled to review different wireless alternatives eventually decided on a solution from a much smaller company that not only offered more flexibility and was based on a less proprietary architecture, but was much less expensive. As he explains, "It fit the bill and at a cheap price."

A more important consideration than price, however, is the brand name of the product, which is prominently displayed on the wireless access points that are scattered throughout the company's offices. The idea is to impress present and potential clients with their taste in wireless vendors, and also to demonstrate dramatically the company's cutting-edge and creative nature -- a practice some critics might compare to putting a Coke machine in your conference room to parade your preference in sodas. But, as the IT head of this creative company maintains, "When you buy the best, you want to show it off!"

Old buildings, new techniques

More often than not, the pricing issue surrounding wireless is closely related to the structural limitations of the environment. This was the case in two separate applications, one involving a local government agency and the other an international manufacturing company.

The government IT manager decided to wirelessly connect desktop systems throughout multiple departments because the building housing the agency was old and drilling holes and stringing cable just wasn't an option. Some of the walls consisted of eight-inch-thick concrete, so hard-wired solutions would have posed a significant problem.

The manufacturing company installed a modest wireless network in its headquarters, as a pilot project, because of the success it had with a similar system located in a division outside the U.S. Also, the structure of the building was old and historic, so physical wiring was not a consideration.

Although price and environmental concerns are both important aspects in the evaluation and selection process, it may be a mistake not to consider security first. The reason is that the current security measures for 802.11 Wi-Fi are broken, say experts who are now involved in creating stronger safeguards that are specifically designed to protect wireless systems. "So, if a company has some wireless and decides to secure it, then they have to do something above and beyond what traditional AP (access point) providers offer," says Al Potter, manager of ICSA Labs' Network Security Labs, which provides testing programs for firewalls, IPsec-based tools, cryptography and authentication systems and most anything else that involves network security. He is also involved in the IEEE's effort to develop wireless security protocols for Wi-Fi systems, which now rely on a Wired Equivalent Privacy (WEP) standard.

Potter maintains that while current wireless security safeguards work -- including such things as virtual private networks (VPNs) and third-party solutions that inject security at the application network layer -- they are not foolproof and do leave a lot of holes in the wireless network. These security solutions may also not be available in less-expensive networking devices and hardware, and if you do implement them, they may restrict future expansion of the network. His advice to IT managers looking for adequate security tools that still allow some room for flexibility and growth? Adopt new encryption techniques and tools slowly and carefully, but "still leave all the current stuff in." After all, it's always smart to have a workable exit plan should the newer technology fail to deliver on its promise.

Tim Scannell is the president and chief analyst with Shoreline Research, a Quincy, Mass.-based consulting company specializing in mobile and wireless technology and initiatives. Shoreline works with end users, looking to implement mobile solutions, and vendors, developing new products and seeking business and customer opportunities. The company also specializes in training and strategic planning projects. For more information on Shoreline Research and the company's strategic services please go to

This was last published in December 2003
