Wireless Security
The risks of wireless security
By its nature, wireless networks use radio waves to send and receive data. Due to this, there are critical issues that need to be addressed in order to ensure and maintain network security especially in corporate environments.
In particular there are a number of security risks associated with the current wireless protocols and encryption methods, and in the carelessness and ignorance that exists at the user and corporate IT level. Hacking tools and techniques have become much more sophisticated and innovative especially in relation wireless technologies. Cracking has also become much easier and more accessible with easy-to-use Windows-based and Linux-based tools being made available on the web at no charge.
Increasingly, organised criminal gangs are using hackers to steal valuable corporate data, hijack servers for sending spam or even to making ransom demands for data which they have encrypted or stolen.
One approach used by hackers/crackers is malicious associations. This is when wireless devices can be actively made by crackers to connect to a company network through their cracking laptop instead of a company access point (AP). These types of laptops are known as "soft APs" and are created when a cracker runs some software that makes his/her wireless network card look like a legitimate access point. Once the cracker has gained access, he/she can steal passwords, launch attacks on the wired network, or plant trojans. Since wireless networks operate at the Layer 2 level, Layer 3 protections such as network authentication and virtual private networks (VPNs) offer no barrier. Wireless 802.1x authentications do help with protection, but are still vulnerable to cracking. Other techniques used to gain access unauthorised access include "MAC address spoofing", "Man in the middle" etc
Available Security
Although most wireless devices come with some form of security such as WEP (Wired Equivalent Privacy), WPA etc these are proving to be insecure. WEP is still widely popular security that is utilised. In fact there are still significant wireless networks that don't employee any form of security. However, researchers have demonstrated that WEP security has a number of flaws and is easily broken into.
Wireless security typically encrypts the transmitted data (packets) and to authenticate users. Typically these methods use unique security encryption keys which can be 128 bit or 245 bit. The longer the key the better generally as it makes it harder to break the encryption. Other security encryption available includes WPA2, Radius, TKIP, PEAP etc.
However, using encryption is not enough in terms of security. With corporate networks and virtual private networks (VPN) access via wireless technologies there is a greater need network management and monitoring and effective corporate defences against unauthorised intruders. This is especially important when dealing with increasingly use of wireless capable devices and business need to maintain links with mobile staff.
MailSure's security experience
MailSure has many years of experience and knowledge gained in providing secure and reliable networking both for internal and remote users and over the internet. This can be leveraged for your organisations wireless network. Let MailSure be your wireless expert.