Convenience, low cost and increased productivity are driving users to wireless hot spots: Armed with little more than a laptop, an inexpensive wireless card and perhaps a credit card to access fee-based hot spots, users can jump onto a wireless hot spot and gain access to e-mail and other corporate resources.
Wireless hot spots take Internet access to places it couldnt easily go in the past. But as any IT manager will attest, public wireless hot spots combined with 802.11 ubiquity (sanctioned or not) is a source of concern—mainly with security.
Still, IT managers and wireless LAN experts say many of the dangers inherent in wireless hot spots are the same as those encountered when accessing corporate data beyond the firewall. And, they say, the productivity gains of anytime, anywhere Internet access far outweigh the potential disadvantages.
“The huge number of hot spots that are starting to come online will really change the ways we think of and use the Internet,” said Keith Waryas, an analyst at International Data Corp., in a report released last year. “Very high-speed access, combined with the portability and mobility these new networks enable, will make the next few years a very exciting time for both business and consumer Internet users.”
To stay ahead of trouble, IT managers need to take a proactive approach to hot spots: They should teach users how to securely access corporate resources and should develop and enforce hot-spot policies that are in line with those in place for remote access. A number of services designed to ease access are also coming online (see review).
Mobile, Global Work Force
Mobile, Global Work Force
With the corporate work force growing more mobile and global, its no surprise that high-speed wireless Internet access has developed a mainstream following.
IDCs Waryas estimates that more than 5 million consumers will access the Internet through U.S. wireless hot spots by 2006. And while cafes and airports now offer wireless Internet access, road warriors are expected to make use of wireless access most widely in hotels. Pyramid Research LLC, for example, expects roughly 25,000 hotels globally to offer wireless access by 2007 (see chart).
At Company Finance Inc., in San Mateo, Calif., employees use nationwide wireless hot spots from T-Mobile USA Inc. to check e-mail on the road. The company has used GPRS (General Packet Radio Service) for access in the past, but Pankaj Chowdhry, president and chief technology officer of Company Finance, said GPRS coverage is not as reliable as the coverage he has come to expect from Wi-Fi hot spots.
To ensure security, employees at Company Finance use Windows Terminal Services, said Chowdhry, who is also an eWEEK Corporate Partner. Terminal Services supports 128-bit bidirectional encryption between the server and the client using RSA Security Inc.s RC4 encryption algorithm. The same security methodology is in place for Company Finance employees using a wired hotel broadband connection.
Vulnerable to Attack
Vulnerable to Attack
Wireless hot spots are vulnerable to eavesdropping and man-in-the-middle attacks, which is why IT managers who allow employees to transfer data outside the corporate firewall should authenticate users and enforce encryption. Virtual private networks already in place should be used to secure Web browsing and the transfer of information, whether its via instant messaging or e-mail.
At the Web site of Edmunds.com Inc., an automotive information source, employees are asked to follow the same security policies when accessing public hot spots as they do when using a dial-up connection.
“I dont have any restrictions, but there is a standard set of policies users are expected to follow,” said Angelo Kapitsas, a network engineer at Edmunds.com. “It shouldnt matter how theyre accessing data, as long as it stays secured.”
For example, employees are expected to keep passwords private, run anti-virus software and close browser windows when a Web session is complete, said Kapitsas. With these policies understood, employees who have wireless cards are free to access e-mail secured by standard Secure HTTP using any Web browser.
“There are chances that data could be wirelessly intercepted, but if users are accessing corporate resources from a public hot spot, that data is encrypted,” said Kapitsas, in Santa Monica, Calif. “Im more concerned about people getting onto our network within our offices, to be honest.”
Senior Writer Anne Chen can be reached at anne_chen@ ziffdavis.com.