Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Wednesday, April 20, 2005

Experts urge wireless security integration

Corporations should think of wireless security as an add-on to their existing security architecture, not as a separate entity, according to analysts and vendors at the Wireless Security Conference & Expo.

IT managers should either integrate the new wireless piece into the overall company security policy, if one already exists, or take the opportunity to create a plan for the entire IT infrastructure, security experts urged Wednesday at the event, being held in Cambridge, Massachusetts.

Instead of considering wireless security in isolation, technology managers should think of defending their existing wired network against a new set of threats that emanate from the wireless world, said Craig Mathias, principal at advisory and systems integration company Farpoint Group, based in Ashland, Massachusetts.

It used to be the case that corporations weren’t embracing wireless technology because of security concerns.  Now, however, the leading barrier to adoption is the perceived complexity of wireless security, according to Lisa Phifer, vice president of consulting firm Core Competence in Chester Springs, Pennsylvania.  The situation is beginning to change, as vendors build more functionality into wireless LAN switches.

Mathias singled out Ann Arbor, Michigan-based Interlink Networks Inc.‘s LucidLink, an enterprise-level wireless security application designed to be easily deployed by small business and home office users.  Mathias stressed that wireless will likely form only a small piece of a company’s security policy, mostly in terms of specifying which mobile devices and intermediary networks for remote access meet desirable corporate security standards.

“We have a saying (here) that if you could just get rid of the end-users, you could have perfect security,” quipped Jim Burns, senior software developer at Portsmouth, New Hampshire-based network authentication software developer Meetinghouse.

Posted on 04/20