Wireless Risks: Agents Beware!
By
Agencies are beginning to deploy wireless technologies at an increasing rate. Its the next step in productivity and efficiency, especially in the hard market where agents need to spend more face-to-face time with clients, and less time in headquarter offices accessing and processing information on computer systems.
Todays wireless tools, however, have a tremendous number of vulnerabilities. At the heart of the security problem is the rapid rate at which wireless, mobile computing is being implemented and the conversely slow rate at which companies are evaluating the associated risks and making security changes.
To safely realize the benefits of wireless technology, companies must develop policies and procedures for its use, and increase user awareness regarding security and privacy issues.
What is wireless technology? Basically, it involves the transmission of data without physical cable connections. This transmission can occur via infrared technology within a building, or over even wider ranges using satellites.
Many agents now use mobile systems, such as personal digital assistants (PDAs), laptops, and Blackberry systems, configured with wireless connectivity. Since wireless transmission occurs over airwaves, however, there is a potential risk that these transmissions can be intercepted, leading to potential security and privacy breaches. How can agencies deploying these technologies protect themselves?
Most experts agree that wireless security is currently very weak at best. What few standards exist provide little protection and are seldom implemented by users and administrators.
The current wireless protocol standard (802.11b) is inadequate in meeting anything but minimal security requirements, and the encryption mechanism, Wired Equivalent Privacy (WEP), has been proven easy to break. Some companies dont even turn encryption on, and as a result, sensitive data are being transmitted with no protection at all.
There are new standards on the horizon that may provide more security capabilities, but the real question is whether wireless users will implement these new standards when they currently chose not to use existing security measures.
In contrast to traditional hacking practices carried out over phone lines and the Internet, hacking into wireless networks is almost as easy as listening to a radio scanner. Armed with a laptop, a wireless network adapter card, as well as some widely available software tools, a hacker can literally roam the streets, “tuning” into the wireless networks transmitting in the vicinity.
Gaining access to a wireless network can put a hacker behind firewalls that would usually stymie attempts to gain unauthorized access to a network that contained sensitive information.
The major risk of a vulnerable wireless system is that unauthorized access to a companys database of private customer information could compromise the companys market reputation.