b
beatrix1
Apr 05, 2011

Are wireless LANs finally secure?

What should my key concerns be?

jimlynch
10/20/2011
Hi beatrix1,

Here's a good overview of Wireless LAN security issues and options:

http://en.wikipedia.org/wiki/Wireless_LAN_security

You may find this helpful as it also covers security concerns.
s
secubio
06/22/2011

the simple answer is no, not network, the problem is that wireless LANs is just a tools for IT tech

s
spambait
05/31/2011

The short answer is NO.  It will never be.  No network, whether wired or wireless, or even based on flash memory cards, will ever be totally secured.

 

The real question is: Is the current security available good enough for your business.  And you know your business.  It is up to you to figure out what level of security is enough.

 

C
Craig Mathias
04/05/2011

Short answer - yes, they are - sort of, anyway. We need to begin here with an important truth, however: there is no such thing as absolute security. Any security mechanism of any form can be compromised, because security, again, of any form, is simply designed to allow access only to authorized individuals, not block it altogether. Wireless-LAN security was a major problem in the early days of the technology, with the security mechanism in the standard (known as WEP) easily compromised. Today's WPA2-based security, however, is quite good, and works well to protect data as it traverses the airwaves. It is not, however, sufficient for enterprise-class applications.

 

And the reason for this is that only the airwaves are protected. The airlink (as it is known) between client and AP is consequently difficult to compromise, but data on either side of the link (e.g., stored on a mobile device or moving over the non-WLAN part of the network) isn't secured by WPA2. For this reason, we recommend that all effective security mechanisms (a) use good airlink encryption, with WPA2-Enterprise sufficient in most cases), (b) use strong authentication (some form of 802.1x is usually acceptable for this purpose, but we recommend two-factor authentication wherever possible), (c) use an end-to-end VPN covering all network links between client and server, and (d) that sensitive data (as defined in a firm's Security Policy - you do have one of those, and review it every six months, right?) be encrypted wherever it resides - on a server, or on a mobile device. As you can see, wireless security pales in comparison to network security, and that a good network-security strategy is essential no matter what wireless security is in place.

Answer this
ASK a question
250