WLANs Still Insecure

Businesses are flocking to deploy wireless LANs, but still haven't gotten the message about security. According to a recent In-Stat survey, more than 70 percent of respondents said they use wireless LANs, but only 61.4 percent control access to the wireless network.

Of that group, a meager 19.5 percent of large enterprises (1000+ employees) use 802.11i, the IEEE's WLAN security standard. Surprisingly, 36.4 percent of small businesses and 15.9 percent of large enterprises still use WEP (Wired Equivalent Privacy), an encryption and authentication system that proved to be easily breakable, rather than using WPA2 (Wi-Fi Protected Access 2). These facts are particularly disturbing because enterprise wireless infrastructure will only become more prominent. In-Stat forecasts that mobile PCs with embedded Wi-Fi, and dual-mode phones that combine Wi-Fi and cellular, will comprise 94.9 percent of enterprise devices by 2010.

While wireless networks expand in the enterprise, war drivers who chart the locations of vulnerable Wi-Fi networks are using new ways to disseminate their findings, making it easier to target unprotected enterprises. As data-loss penalties increase, businesses must learn how to properly address WLAN security issues. --Sean Ginevan, [email protected]