Nothing could be simpler or more efficient: An on-the-go worker connects to a wireless hotspot at an out-of-town cafe to catch up on email, and connect to his company's network to download a presentation and copy files to his personal workspace.
Sounds good, but network administrators are still wrestling with the financial, technological, and security issues posed by hotspots, and they have yet to solve them.
The security issue looms largest. The information sent and received at most hotspots is "in the clear" -- anyone connected in the vicinity with the right kind of sniffing software can see every bit of information traveling between the employee's laptop and the hotspot. That means that important corporate information can be easily stolen. In addition, employees may pick up worms, Trojans and viruses at hotspots, and then spread them once they reconnect to the enteprise network.
What's a network manager to do? Today's best solutions require virtual private networks (VPNs), which in essence create a private, encrypted tunnel through the public Internet, including at hotspots. Newer Windows and Mac computers include built-in VPN support, but companies need to install VPN gateways. A small business might be able to get away with a $1,000 device from a company like Symantec, but that won't do for larger companies. Often, VPN gateways are included in all-in-one security appliances. Large units for big organizations are available from the infrastructure players. Cisco Systems makes one of the least expensive, at $20,000 for 1,500 users.
Another solution involves secure clients that include an alphabet soup of encryption and security standards, such as Wi-Fi Protected Access 2 (WPA2). Funk Software, for example, recently released an upgrade to its Odyssey Client that includes support for WPA2, as well as other WLAN protocols including EAP-FAST and EAP-SIM.