Some only recently began using computers. Others are addicted to their computers and their mobile phones, Blackberrys® and other wireless communication devices. If the telephone is an example, wireless computer networks will overtake "hard-wired" networks within the next decade.

Many of us can recall when only one phone company provided local service, you could have (rent) any phone you wanted (as long as you wanted a black, rotary dialing, bell-ringing model), and life was simple. Then, the change began.

First, you could actually purchase and own your very own telephone. Then, cordless phones were launched. The first cordless phones connected you to a base unit in your home or office. That expanded into a wireless revolution where everyone is just expected to have a wireless phone on his or her person 24/7 and its number on his or her business cards to always "be in touch." The same progression is underway in wireless computer networks. If you're not sure what a wireless network is or where you can find one, read on.

Wireless networks are growing exponentially. Businesses frequently use or add a wireless network because it is much cheaper than running "Cat 5" cable throughout a facility that they might use for just a few years. Installing a few wireless network access points and issuing wireless network cards to employees is cheaper than buying miles of cable and banks of routers, plus hiring qualified people to install a "hardwired" network.

Companies with large personnel influxes add wireless networks to deal with increasing network demand over short periods of time (such as accountants during tax season). Starbucks advertises its wireless network to entice professionals and students to come in, load up on caffeine and work. They provide a "home away from home" for both you and your computer. Many homes have wireless networks. IBM's recent Thinkpad notebook computer comes with wireless antennae built into the screen's casing so it is ready for action whenever the computer is on. Wireless networks and capabilities are truly everywhere and in places you might never have imagined.

Some personal observations are in order. My home's wireless network "surveyed" the available networks and found three in my neighborhood (including mine). One disappeared when my neighbor (a technology company officer) moved away, so I have a good idea which one had been his. Then, I was in a particularly boring mediation session recently with lots of "down time" in a conference room where I could not get out to "surf the net" for current news. I plugged in my computer's wireless card and within moments, it found an open network that allowed me to surf at will. This was a revelation, and I never discovered (nor even tried to determine) which network provided the open access.

Will pervasive wireless computer networks cause as many problems as they will provide conveniences? Of course they will. The current "standard" for wireless networks is the IEEE 802.11b Standard. Its benefits include being able to use encryption to validate users and protect data being broadcast over the airways. That's correct, broadcast over the airways. All wireless devices broadcast in much the same way that radio and television stations do—but with lower power and shorter range. Does broadcasting this data create different security issues? Absolutely!

Recently published articles on wireless network security indicate that some networks are more secure than others. (The most current articles can be found with your favorite search engine using the search phrase "wireless network security.") It is also universally reported that wireless networks are vulnerable to those who would maliciously use their openness by "sniffing" out their locations and then working to hack their way into whatever is found on the network.

"Sniffing" out the wireless signals is relatively easy—most wireless devices will tell you if a wireless network is within range. Malicious users could add directional antennae to their toolkits to search over an even broader area since they effectively extend the wireless network's reach well beyond the hundreds of feet most usually broadcast.

Hacking into wireless networks requires different efforts than hacking over the Internet, but it can be done. While a "how it's done" explanation goes well beyond the scope of this article, suffice it to say that a determined hacker can get into a wireless network; since this can be done from a car in the company's parking lot or from a nearby building, hackers can choose their specific targets by merely getting close to them.

What can or should you do to minimize this risk (or at least require the hacker to work harder to break into your wireless network)? Some basic security precautions include:

1. Change your wireless network's Service Set Identifier (SSID) to a unique and "strong" identifier. The SSID is used within the network to identify authorized users. Many "off-the-shelf" products suggest or provide a generic SSID that can easily be used by a hacker to evade an early barrier.
2. Enable wireless network's Wired Equivalent Privacy (WEP) and use the "shared key" method to both authenticate users and encrypt data being transmitted. While it is possible for serious hackers to crack the encryption, even a weak lock is better than no lock at all. It should go without saying that the WEP keys you select should be either randomly generated or otherwise not obvious (just as you should not use 1234 as your ATM card's PIN). Changing your WEP key periodically provides an additional layer of protection.
3. Password-protect everything that is important. There are a number of "dictionary" password cracking methods that literally roll through the dictionary, testing each word as a possible password. Using "strong" passwords that combine letters and numbers increases your security by making it impossible for hackers to use "off-the-shelf" tools to crack into your data.
4. Treat wireless communications (including data communications) as postcards. If a communication is truly confidential, do not use a wireless network to transmit (broadcast) it since you never really know whether anyone else received your transmission.

Fortunately, the bodies that promulgate the industry standards are aware of these (and other) security issues. Standards are continuously updated to take advantage of new discoveries. Today's wireless networks are more secure than their predecessors, yet less secure than those that will follow. It is, as always, an evolutionary process.

Obviously, wireless network security goes far beyond what can be covered in this article. As with many things, you must first understand the risk before you can begin dealing with it. Then, you can take steps to protect yourself and the client data you send or receive.²

Footnotes

¹ Board-certified in business bankruptcy by the American Board of Certification and the Texas Board of Legal Specialization. Return to article

² Additional resources: "Securing Your Wireless Network," www.practicallynetworked.com/support/wireless_secure.htm; Goodwins, Rupert, "Wireless Network Security Shows Cracks," http://news.zdnet.co.uk/story/0,,t269-s2104588,00.html; Wireless Networking Reference—Security (listing of articles), www.practicallynetworked.com/tools/wireless_articles_security.htm; Arbaugh, William A., Shankar, Narendar, Wan, Y.C. Justin, "Your 802.11 Wireless Network Has No Clothes," Dept. of Computer Science, University of Maryland ©2001 (and included in listing of Wireless Networking Reference—Security). Return to article