In its annual wardriving survey, EMC's RSA security division shared some good news about wireless security in New York City, London and Paris. However, work still needs to be done when it comes to enterprise deployment of advanced encryption. According to RSA, less than half of the corporate wireless access points in London and New York are using advanced encryption--a figure that lags far behind Paris.
security division has some news about wireless security-and it's not all that
Far from it as it turns out. In a snapshot of wireless
networks in New York, Paris
and London, RSA
found that the vast majority of corporate access points in those cities are
employing encryption. According to the findings, 97 percent of the 6,096
corporate access points in New York included
in the study use encryption, compared with 94 percent in Paris.
Wireless security lagged far behind in London,
where the figure was 80 percent. That percentage is actually a drop-off of
1 percent from where it stood in 2007.
But even with encryption generally widespread in the three cities, one
form of encryption is not necessarily as good as the next. WEP (Wired
Equivalent Privacy), for example, is known to be vulnerable but is still widely
"Such is the speed at which WEP can be routinely cracked that it barely
constitutes paper-thin protection in the face of today's sophisticated
hackers," said Sam Curry, vice president of Identity and Access Assurance at RSA,
in a statement. "We would strongly urge wireless network administrators to
discount WEP as a viable security mechanism and upgrade to WPA-or stronger-without
When it came to advanced forms of wireless encryption such as the
802.11i-based Wi-Fi Protected Access (WPA) or WPA2, Paris
led the way. Some 72 percent of all the 3,265 corporate access points there are
using advanced encryption. This compares with 49 percent in New
York and 48 percent in London.
It is critical, Curry said, that business access points have some sort of
encryption-even if the corporate network itself can only be accessed via an
"Not using WPA1 or WPA2 can leave the organizations involved vulnerable to
whole classes of attacks against both access points and wireless client
computers," he said.
Shockingly, users of personal wireless networks are paying just as much-if
not more-attention to security than their corporate counterparts. The study
found that 97 percent of in-home networks in New York
are using encryption, as are 98 percent of personal networks in Paris
and 90 percent in London.
In addition, the percentage of home users with advanced encryption
outpaces the business sector in Paris
and New York. Sixty-one percent
of the roughly 1,661 in-home networks in New York
included in the survey are using advanced encryption, compared with about 49
percent among corporate access points.
In Paris, it is 75 percent,
while in London the number stands
at 48 percent for both business and in-home wireless networks.
"As wireless networks continue to improve in terms of speed, bandwidth,
safety-and ubiquity-this is good news for businesses and consumers alike,"