What do people in the security industry think of wireless security? Here’s the opinion of two experts – Leo Pluswick and Al Potter, both from ICSA Labs, a division of TruSecure Corporation. A global leader in managed security services, TruSecure continuously protects more than 700 customer sites in over 30 countries around the world.
Leo Pluswick is a program manager at the Trusecure ICSA Labs. He is the manager of the development and evolution of ICSA’s Programs for Certification of Cryptography, IPSec and PKI Products. Al Potter is the manager of the network security lab at ICSA Labs. Both have extensive knowledge in the field of wireless security.
What events in the wireless security market have marked this year?
The expectation that the IEEE 802 Working Groups will soon have security enhancements to the existing 802.11 Wireless LAN standard has caused the industry to plan for implementing the upgrades and the user community to express anxiety while awaiting the more secure products.
Warchalking, Wardriving, Warspamming – these are just some of the terms we see frequently in the news. Do you see these actions as a real problem or is it just the media making things bigger than they are?
Chalking and spamming are more theoretical than actually happening with frequency. Wardriving has had its day and some, particularly new guys, still do it to show they can do it. But as far as being real problems, I would say that they are because they are possible, not because of the frequency of their occurrence. They do call attention to the seriousness of the security failures of the currently deployed WLANs and therefore are indicators of the potential for real problems. I believe the media is providing the public a service by calling attention to the existence of the vulnerabilities, to occurrences of exploitation and thereby to the security weaknesses of deployed WLANs. The major security weaknesses are allowing unauthorized access to use of the WLANs and to the data the WLANs’ security features are to protect.
Will there be a slowdown in acceptance of wireless technology in the corporate environment in 2003 because of increased security concerns?
Probably not. It hasn’t so far. The priority in selecting wireless LAN products has been and will be continue to be: 1. ease of use, 2. security and then 3. cost. Some people interchange the priority of the latter two. So as long as security is not the first concern the products will sell.