The wireless network as a computing paradigm has brought unprecedented access, flexibility and usability to the I.T. environment in a relatively short time. When one considers that the “conventional” computing environment of an enclosed mainframe system accessed exclusively by hard wired terminals, evolved over a period of 30+ years. Such slow growth of an I.T. system allowed for a maturing of the implementation plan and the time to develop adequate security measures.

By contrast, the wireless network paradigm has exploded just within the last five years. From an infancy in which wireless I.T. access was the stuff of theory, experimentation and science fiction we have come to a point that wireless network access is common to the general public on the same level of widespread use as the television or the automobile. While such success is amazing and a testimony to the ingenuity of its developers, it also brings with it unprecedented security risks. Because of the rapid nature of industry growth, such core necessities as protocol standardization and development and administration of security agreements has had to occur at a rapid pace. As we near the end of 2004, we must review where the industry is in the development of wireless security, what problems still daunt the industry and the direction of addressing these problems that is currently showing the most promise.

Scope of this Article

This article will address at a summary level the most significant security risks in the wireless computing environment. The purpose of the article is to introduce in a centralized fashion the scope of the problem and the most significant talking points on the issue of wireless security and to summarize where the industry is in addressing these problems and where it is going.


Most Significant Sources of Security Risk in the Wireless Environment

The heart of the security problem in the wireless security setting is that networks are at heart an amalgam of independent processing units and the architecture itself is resistant to controls. The very ease of access, flexibility of expansion and evolution that makes the wireless world so successful make it highly vulnerable from a security standpoint.

Ease of access itself represents the greatest security challenge. The very navigation protocols that make it possible for users of a wireless network to find their destination nodes leave vulnerabilities for those who would use the network in an unethical, harmful or illegal manner. To date the strongest response to this form of threat is access controls which we will discuss shortly.

A second level of threat to the network are rogue access points both within the network or department or from outside of the network firewall. We will discuss rogue access points in greater depth momentarily as well.