Hotspots Put Enterprises On The Hot Seat

Nothing could be simpler or more efficient: An on-the-go worker connects to a wireless hotspot at an out-of-town cafe to catch up on email, and connect to his company's network to download a presentation and copy files to his personal workspace.

Sounds good, but network administrators are still wrestling with the financial, technological, and security issues posed by hotspots, and they have yet to solve them.

The security issue looms largest. The information sent and received at most hotspots is "in the clear" -- anyone connected in the vicinity with the right kind of sniffing software can see every bit of information traveling between the employee's laptop and the hotspot. That means that important corporate information can be easily stolen. In addition, employees may pick up worms, Trojans and viruses at hotspots, and then spread them once they reconnect to the enteprise network.

What's a network manager to do? Today's best solutions require virtual private networks (VPNs), which in essence create a private, encrypted tunnel through the public Internet, including at hotspots. Newer Windows and Mac computers include built-in VPN support, but companies need to install VPN gateways. A small business might be able to get away with a $1,000 device from a company like Symantec, but that won't do for larger companies. Often, VPN gateways are included in all-in-one security appliances. Large units for big organizations are available from the infrastructure players. Cisco Systems makes one of the least expensive, at $20,000 for 1,500 users.

Another solution involves secure clients that include an alphabet soup of encryption and security standards, such as Wi-Fi Protected Access 2 (WPA2). Funk Software, for example, recently released an upgrade to its Odyssey Client that includes support for WPA2, as well as other WLAN protocols including EAP-FAST and EAP-SIM.Security isn't the only issue. While many hotspots are free, and per-hour charges for hotspot access may be nominal for each individual user, they can add up to a huge bump in a network manager's online access budget.

Help is on the way from service providers rolling out innovative enterprise pricing plans. Communicator aggregator IPass, for example, will offer flat-rate pricing on a portfolio of hotspots including T-Mobile, which has the largest network of hotspots in the U.S. Prices for IPass's "all-you-can-eat" approach will vary based on such factors as the number of users and the duration of the enterprise's commitment.

"This 'all-you-can-eat' approach allows the IT department to reliably budget the cost of Wi-Fi hotspot access across an entire organization or for a subset within it," explained Jon Russo, the company's vice president of marketing.

Finally, technological confusion adds another layer of headaches for network managers. There are now VoIP over Wi-Fi services, such as one recently announced by Boingo and Vodaphone, that let business travelers make phone calls using a VoIP phone over public hotspots. Even more confusing, upcoming converged devices that support both cellular voice access and voice-over-WLAN may represent the future of mobile voice communications. Should enterprises go with VoIP over Wi-Fi phones, wait for new devices, or do nothing at all?

Like it or not, hotspots have become a part of enterprise networks. The sooner network professionals acknowledge that simple fact, the sooner they'll have more secure networks, be able to stay within their budgets, and prepare for the future. IPass To Offer Flat-Rate Hotspot Pricing
Aggregator says it expects flat-rate pricing to simplify budgeting for enterprises and to increase usage of hotspots.

A Bundle Of Trouble?
Hotspot access is at the heart of some attractive wireless bundles, but there could be a long-term "gotcha."

Cellular, VoWLAN Convergence Coming Quickly: Study
Converged devices will speed trend toward enabling voice access via multiple methods, a new study says.

Funk Software Releases WiFi Secure Access Client With WPA2 Support
Upgrade to Odyssey Client also adds support for the WLAN protocols EAP-FAST and EAP-SIM, and Microsoft machine credentials.

Boingo And Vodaphone Announce Major VoIP-Over-WiFi Service
Business travelers will be able to make VoIP calls at Boingo's 11,000 hot spots using the Vonage service and softphone. Katie Bar The Door
Non-IT employees are bringing technology into the enterprise that can put networks and information at risk.

.

Reviews

Wireless Data Carriers: Which Are The Best For Your Enterprise?
We sized up six major wireless carriers, testing their strengths and weaknesses, to see which can best outfit your employees with fast, ubiquitous mobile access to corporate data.Features

Affordable IT: Desktop Security
Protecting your organization means guarding against attackers as well as internal problems. Tools are essential, but so is user education.

WLAN Makes Its Voice Heard
The convergence of VoIP and WLAN promises new services and lower telecom costs for enterprises and SMBs. But is it ready for prime time?