Interview with Betty Chan, Wireless Product Marketing Manager at SMC Networks
by Mirko Zorz - Tuesday, 21 January 2003.
Our EliteConnect WLAN Security Product has a very good approach: it allows administrators to set fine grain access control policy called "Rights" that are based on Time, Location, Network Traffic, User, Guest, etc. This fine-grained set of user rights matches users with appropriate network privileges. For handheld devices users, the rights should be set to default as "Guest" and only have Internet access in the corporate network without any access to the corporate resources on the network.

Do you see Wardriving as an extensive problem?

Yes, that's one of the reasons why we developed EliteConnect WLAN Security System to provide wireless security in the corporate environment.

Wireless security is subject to interference and therefore to Denial of Service attacks. What can be done to protect from such attacks?

Authentication of wireless clients will not proceed while the wireless network is being jammed. A good mechanism would be to have the ability to detect wireless interference or jamming attacks and automatically send an alert to the system administrator. Once authentication has been achieved, it is important to have a Wireless Security product like EliteConnect. Running VPN (IPSec or PPTP) tunnels from Wireless Clients to the network should be extremely safe and can protect the wireless client data with their strong standards-based encryption.

A significant part in the process of developing wireless networks is ensuring that the data on wireless devices is secure. What do you see as the biggest threats to that security?

The biggest threats are that people are not educated or aware of wireless security. Naive users may not take any precautions and may leave their settings as factory defaults which makes it easy for hackers to attack the network.

What is your vision for the future of wireless security?

The future may be that all wireless clients will be required to be authenticated and run VPNs to their networks, that would solve a large number of the wireless security issues we see today.


What's the real cost of a security breach?

The majority of business decision makers admit that their organisation will suffer an information security breach and that the cost of recovery could start from around $1 million.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 11th