A company looking to beef up the security of its wireless operations should start with its own policies and standards, according to Ken Newman, director of security and risk management at Deutsche Bank AG. That's because standards and policies form the foundation upon which all security efforts are built, he said during a case study demonstration at Computerworld's Mobile & Wireless Conference here.
For example, employees need to understand that something as simple as setting up a wireless access point can pose a threat to company security.

As for Deutsche Bank, it faced a business problem of needing a system that provides confidentiality and data integrity that would meet government-imposed security considerations. Complicating the effort: Fears that advances in technology meant the entire security program would have a life span of only 12 to 18 months.

After strengthening its policies and standards, the next step in the process was "hardening" PCs and laptops from security breaches with personal firewalls, updates and patches for existing software, upgrades to security software, the use of low-level encryption and the prevention of simultaneous wireless/wired connections, he said.

[ Read more ]

Comment:

For all your wireless security information needs, visit the Wireless outside articles section of HNS.

Related items

• Article: Positive Identification in a Wireless World (6 May 2003)
• Article: Warchalking and Other Wireless Worries (3 April 2003)
• Article: How to Make Wireless Networks Secure (26 March 2003)
• Article: Interview with Cyrus Peikari, CEO of AirScanner Mobile Security (24 February 2003)
• Review: Maximum Wireless Security (17 February 2003)
• Article: Detecting Wireless LAN MAC Address Spoofing (22 January 2003)
• Article: Avoid Wireless LAN Security Pitfalls (17 January 2003)
• Article: Interview with Jay Chaudhry, CEO of AirDefense (7 January 2003)
• Review: Wireless Security and Privacy: Best Practices and Design Techniques (17 December 2002)