City Ignores IT Security Alerts

February 2003

Businesses in the City are failing to take basic precautions to secure wireless networks, despite the high-profile threat of drive-by hacking.

The second annual Wireless Security Survey of London discovered 328 wireless access points in the City, a big increase on the 124 points identified in the previous study (Computing, 15 November, 2001).

The survey, conducted by a risk management specialist on behalf of RSA Security, found that one-third of the networks have insufficient levels of security, leaving corporate data vulnerable to attack.

Tim Pickard, RSA's European strategic marketing director, says the failings are usually caused by badly implemented networks.

'Only a third of the access points found use WEP [Wired Equivalence Privacy, a WLan security standard], and that's exactly the same number as a year ago,' he told Computing.

'The findings also show 120 of the access points have default settings that are reducing security, and 100 organisations had named their networks in a way that is easily identifiable,' said Pickard.

'This isn't a technology that is not securable. It comes down to a lack of education.'

Many new laptops and PDAs have wireless cards that are set to active as default, something users are often unaware of.

'Organisations need to be aware that wireless Lans are probably in their organisation, even if they don't realise it,' said Pickard.

Phil Cracknell, security specialist, says users must treat WLans with the same level of security as wired networks.

'There is so much publicity about this subject, it's difficult to understand why companies are still ignoring the warnings,' he said.

'There's no reason for this to happen. It's a standard security policy fix that anybody can do,' he said.

Source...

 

With Dionach you get:

• An efficient, friendly and flexible service
• To talk directly to the experts
• Straightforward assessment reports that get to the point
• Complete confidentiality and utmost discretion