Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Wireless security remains an issue in the bay area.

AirDefense : 07 April, 2008  (Technical Article)
Comprehensive study of wireless network security issues in the San Francisco Bay area published by AirDefense.
AirDefense has unveiled results from its comprehensive "San Francisco Wireless Security Vulnerability Survey." Conducted in March 2008 at more than 1,000 Bay Area corporations and government agencies, AirDefense assessed wireless security practices in four key industries, including: Finance, Government, Retail, Transportation and an overall review of major corporations in the city. During its research AirDefense discovered upgraded technologies in place with stronger encryption protocols at many Retail and Transportation locations. However, results were mixed in Finance and Government, with the majority of Access Points (APs) wide open or at best legacy encryption protocols in place.

Overall, AirDefense associated the highest grade of B- to the Transportation industry, followed by the Retail industry with a C+, major corporations graded at C, Finance a C- and Government the lowest with a D. In total, AirDefense discovered 4,606 APs in use for connecting wirelessly to the Internet and corporate networks. Surprisingly, 1,040 or 22 percent of all APs were unencrypted, with more than 30 percent using Wired Equivalent Privacy (WEP), the weakest protocol for wireless data encryption, which can be compromised in minutes. In Government, an alarming 72 percent of APs were found to be unencrypted or using WEP, while in Finance 67 percent were found to be unencrypted or using WEP. The stronger protocols Wi-Fi Protected Access (WPA) and WPA2 were used to encrypt 47 percent of APs. However, many of the WPA deployments used Pre-shared Key (PSK) authentication and were deployed in a fashion that makes them extremely vulnerable to the same dictionary attacks that plague password based systems.

AirDefense ranked each industry based on five key components, including: unencrypted/WEP enabled APs, probing laptops discovered, rogue APs, data leakage and APs in default mode. AirDefense averaged the results in each of the industries and associated a letter grade. In Retail and Transportation stronger encryption protocols and overall wireless infrastructure were discovered. Specific Retail findings were in line with results revealed in AirDefense's '2008 NYC Retail Wireless Security Survey' announced in January this year.
The dangers of rogue access points are well documented. An employee, vendor or on-site consultant can unknowingly put all information assets at risk by attaching a $50 consumer-grade AP to an enterprise LAN. This simple act circumvents all existing network security by broadcasting an open connection to the enterprise network. Data leakage occurs when various systems or devices on a corporate network communicate with one another and much of this traffic is broadcast unencrypted over the airwaves for anyone to see.

"AirDefense's comprehensive wireless vulnerability assessment in the Bay Area is intended to not only highlight the current deficient practices in wireless security being deployed by corporate America and the government, but also to highlight the necessary steps to ensure proper network protection," said Mike Potts, president and CEO, AirDefense. "With the 2008 RSA Conference days away some of the results might seem harsh but a matter-of-fact assessment of current wireless security deployment (or lack thereof) and best practices in preventing intrusions from occurring is needed."

AirDefense has been conducting vulnerability assessment surveys of the wireless security industry since its inception in 2001. It is the first and only company to produce comprehensive surveys across all major industries and wireless environments, including popular hotspots. The company's executives are the unrivaled experts in wireless intrusion prevention and detection. AirDefense recently completed the "2008 New York City Retail Wireless Security Survey" of more than 800 retail locations in New York City's five boroughs. For more information and results, visit the AirDefense web site.

In November 2007, the company's groundbreaking nationwide survey of more than 3,000 retail locations was met with much acclaim and praise by industry analysts and many high ranking IT security experts.

"Transportation and Retail were head and shoulders above the other industries in securing wireless networks and room for improvement in other industries was more apparent," said Richard Rushing, the survey's author and chief security officer, AirDefense. "Assessing the vulnerabilities of more than 1,000 locations in the Bay Area will ideally lead to needed improvements in wireless security practices currently being practiced today."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo