home news blogs forums events research newsletter whitepapers careers


Network Computing Network Computing Network Computing
HOT PICKS

IMMERSE YOURSELF:

SOA

  |

Data Center

  |

802.11n

  |

Data Privacy

  |
APO  |

Virtualization

  |

NAC

  |

Security

  |

Network Mgmt

  |

Enterprise Apps

  |

Storage & Servers



 
NetNews
N E W S / A N A L Y S I S  


Wireless LANs and Nuclear Secrets

February 6, 2002
 By Dave Molta




Read more stories from our BuzzCut Archives.


The fast-growing wireless LAN industry was dealt a bit of a public-relations blow last week when concerns about wireless security led a tech-savvy government research lab to pull the plug on Wi-Fi wireless. Lawrence Livermore National Laboratory (LLNL), a U.S. Department of Energy national laboratory operated by the University of California, banned the "deployment and use of all wireless computer local area networks (LANs) in LLNL's Open and Property Protection areas."

That's a real attention-getter, but there's another side to the story. When interviewed by 802.11 Planet, an online site that reports on the wireless industry, LLNL spokesperson David Schwoegler said, "Please realize that we have for more than a decade prohibited any RF, microwave or other technology that can transmit electronic data in our classified areas -- including cell phones. This ban simply extends that ban to other areas of the Lab while we study the issue and the technology. No incident prompted this ban. No information was compromised and only two LANs on site were impacted by the decision."

I first learned about this incident when a friend showed me an article in USA Today, which of course is every IT manager's definitive source for technical information on network security. The article included a reference to not only the LLNL situation, but to several other incidents as well where organizations have acted to restrain the use of wireless LAN technology. Those sites included M.D. Anderson Cancer Center, which cancelled a WLAN pilot program; Aeronautical Radio, a provider of communications services to airlines, which advised customers not to use WLANs; and the U.S. Department of Transportation, which is assessing security issues associated with the use of WLANs in airports.

The USA Today article noted that less than 10 percent of organizations that deploy WLANs actually take advantage of the security capabilities built into 802.11 products. And, the combination of low cost (WLAN gateway prices are falling below $150) and easy installation (in most cases, it's basically a plug-and-play operation and no more difficult than replacing a traditional telephone with a cordless model) means that many more organizations now have wireless systems in place. However, most IT professionals realized years ago that plug and play and lax security go hand-in-hand.

In the case of government labs and other high-security locations, imposing strict policies for wireless is just common sense. Clearly, if you are concerned about nuclear secrets not falling into the hands of terrorists, your level of concern regarding security requires the definition of extremely rigorous standards. From a policy standpoint, management is obliged to identify worst-case scenarios and take action to eliminate those vulnerabilities. Prohibiting the use of WLANs in this instance is the responsible thing to do.

The tougher issue raised by these kinds of stories relates to how IT organizations address the deployment of WLANs in the context of their overall risk assessment and security policies. Security always involves delicate trade-offs between legitimate user access needs and the possibility that sensitive information may be acquired illegitimately.

While it is always a good idea to raise awareness about security issues, it is essential for organizations to address trade-offs within the context of a comprehensive security policy. In other words, if contract janitors have access to computers or paper files after work hours, that should be addressed with at least as much energy as wireless LAN security. Placing armed guards at the front door doesn't make much sense if the back door is left unprotected.

Send your comments on this article to Dave Molta at dmolta@nwc.com.

Note, this article was first published within the weekly newsletter, Network Computing Mobile Observer. We invite you to subscribe to this free, weekly newsletter. Also, you can find more information about Mobile Observer online.







Ready to take that job and shove it?

Function:

Keyword(s):

State:
SPONSOR
RECENT JOB POSTINGS
CAREER NEWS
Go beyond Google and get vertical. These specialized search sites will help you find the business information you need -- fast.

Ari Balogh was named to the post of chief technology officer as the companys for a "realignment" of employees.










InformationWeek U.S. IT Salary Survey 2008
Salaries for business technology professionals are falling. Here's what you need to know in order to make good hiring decisions and personal career choices. Purchase Today: $299
 
ROLLING RIGHT ALONG
Follow key Network Computing Reviews from conception to completion. This Week: Holistic APM.



Network Computing Reports Emerging Enterprise Podcast Series: Secrets to Success








TechSearch


Microsite of the Week


Powerful Information at Your Fingertips



techweb
Online Communities TechWebInformationWeekLight ReadingIntelligent EnterprisebMightyNetwork ComputingDark ReadingDigital LibraryWall Street & Technology
Byte & SwitchNo JitterInternet EvolutionLight Reading's Cable Digital NewsContentinopleUnStrungBank Systems & TechnologyAdvanced TradingInsurance & Technology
Face-to-Face Events
InteropWeb 2.0 ExpoWeb 2.0 SummitVoiceConBlack HatCSISoftwareEntrprise 2.0 ConferenceGTEC
Mobile Business Expo
InformationWeek 500 ConferenceBuy Side Trading XchangeBuy Side Trading SummitBank Executive SummitInsurance Executive SummitTelcoTVEthernet ExpoOptical Expo
Magazines  
InformationWeekWall Street & TechnologyInsurance & TechnologyBank Systems & TechnologyAdvanced TradingMSDNTechNetSmart EnterpriseThe Architecture JournalDatabase Magazine
 
Research & Analyst Services  
Heavy ReadingInformationWeek ReportsInformationWeek Analytics
 
   
   
App Infrastructure   |   Messaging & Collaboration   |   Network & Systems Mgmt   |   Network Infrastructure   |   Security  |   Storage & Servers   |   Wireless   |   Enterprise Apps
About Us  |  Contact Us  |  Site Map  |  Technology Marketing Solutions  |   Briefing Centers
Copyright © 2008  United Business Media Limited  |  Privacy Statement  |  Terms of Service  |  Your California Privacy Rights