Perhaps the most menacing security holes may lie in pieces of the network that Internet and IT managers dont even know exist.
Wireless LANs are cropping up in an organic fashion throughout corporations, often without the knowledge of a central manager.
"Departments are going out and putting them out for the department, without thinking about the ramifications for the rest of the corporation. If the CIO found out, theyd freak out," said Dean Douglas, general manager of wireless e-business services of IBM Global Services.
Cisco Systems had that problem internally. Shortly after Cisco acquired wireless LAN gear provider Aironet, employees quickly began deploying access points around the corporate campus.
"Soon we had 260 rogue Aironet deployments," said Kittur Nagesh, product line manager for the Aironet wireless LAN solution of Cisco.
Ciscos IT department took stock of the network pieces and quickly deployed a security solution across the network. The company also created an internal policy for extending the network.
"The rogue deployments went away because people found they could work with the policy and have a well-managed system," Nagesh said.
IBM hopes to help companies examine disparate network pieces so that IT departments can be sure that the networks are secure. IBM Security and Privacy Services recently introduced a security auditor service whereby the company will audit wireless LANs for corporations and assess the security vulnerabilities.
IBM also addresses authentication and encryption issues for customers, and has introduced a security chip - a cryptographic microprocessor - that will be integrated into its ThinkPad notebooks and NetVista desktops.
The chip supports key encryption and digital signatures. Using devices with the chip, mobile workers can securely access corporate networks from public wireless LANs, such as those popping up in airport lounges and cafŽs, Douglas said.
Those workers can also access corporate information securely from home wireless networks, another arena that the IT department often does not oversee. Some enterprises encourage workers to order high-speed wired connections to their homes so that they can work after hours. Some of those workers may deploy their own wireless LANs in their homes, but without introducing security precautions.
"Its the IT guys worst nightmare," said Doug Klein, CEO of Vernier Networks, a provider of security solutions for wireless networks.
The best defense against such security holes is education and the creation of corporate policies that help workers to secure their home wireless LANs, Klein said.
Vernier offers an authentication solution that sits at the wireless access point. The solution allows corporations to set policies for individual users, which restrict some employees from accessing certain information.