Interview with Martin Croome, European General Manager of Socket Communications

Mr. Croome has held technical and marketing positions within the IT industry for the last 15 years including 11 years with Hewlett Packard in a number of different business development and product management roles in PCs, networking and handheld products.

Most recently, he was WW Director of Product Marketing for HP’s handheld products division in HP Singapore.

He joined Socket Communications in February 2001 and was responsible for setting up the company’s European operation, based in Grenoble.

Introduce Socket Communications. When was the company started? How did it evolve?

Socket was started in 1992. It was started to develop wireless accessory cards initially based on US FLEX paging networks. After co proposing the CompactFlash IO standard it has evolved into a manufacturer of all types of communications cards based around the CompactFlash form factor, predominantly for Windows CE based PDA’s and tablets. In 2001 we started a separate portion of the business focusing on embedding our ASIC and Bluetooth technology into third party products. Today manufacturers such as Novatel and Intermec rely on us for controller ASIC solutions and Bluetooth modules.

Which challenges do you face in the marketplace? What do you see as your advantages?

The true mobile market as opposed to the notebook market demands skills in simple user interface design and low powered products. Socket brands our efforts in this space as Mobility Friendly. We see this as a key advantage. Socket has sold channel coverage across the world combined with a trusted brand name for mobile accessories.

Despite the insecurities of 802.11, the number of wireless networks is growing rapidly. What should be done in order to raise awareness of wireless security problems?

Unfortunately, in the same way that the best sales incentive for backup is data loss I fear that the best driver for security will be breaches in it. Socket will shortly be releasing 802.1x support in our Windows CE drivers for our WLAN card. We believe that 802.1x will improve the ability of access point vendors to integrate stronger security solutions into their products.

A significant part in the process of developing wireless networks is ensuring that the data on wireless devices is secure. What do you see as the biggest threats to that security?

Frankly anything wireless is inherently more insecure than a wire since it is easier to tap. If customers treat wireless as being as insecure as their Internet connection then they are unlikely to cause any extra security issues through the deployment of wireless LAN.

Handheld devices are now owned by many people who use it for business purposes, which makes companies more susceptible to wireless security problems. In your opinion, what is a good approach in writing a wireless and handheld device usage policy for a corporate network?

This very much depends on the level of security required. As I said above, if the wireless connection is seen as being as insecure as an internet connection and extra levels of security, such as VPN’s are used to secure access to the corporate network via the wireless LAN then data will be as safe as your corporate network. The use of mandatory passwords on handheld devices improves the security of the devices themselves.

Do you see Wardriving as an extensive problem?

Successful Wardriving results in two issues – illegal use of your internet connection or access to corporate information. If the policy above is followed then only the former issue affects you (assuming your corporate LAN is well protected from the internet). This is a far smaller problem than the latter.

Wireless security is subject to interference and therefore to Denial of Service attacks. What can be done to protect from such attacks?

It depends where the Wireless LAN is. If it’s on a campus then a very strong and localizable signal would be required. While you couldn’t feasibly stop it, it would be reasonably easy to localize the signal and stop it. The same issue faces other wireless networks such as GSM and is not a major issue as far as we are aware.

What is your vision for the future of wireless security?

We believe that 802.1X will improve wireless security by enabling much more secure authentication. However we also believe that a wireless connection will never be as secure as a cabled one by it’s very nature so we expect corporates with extremely sensitive information to treat it with caution. The risk / reward equation will be one for each company to assess.