WLAN Pros Conference is coming to Europe! As Keith Parsons (the conference’s chair and founder) puts it, “the Wireless LAN Professionals EU Summit consists of three days of fun, great topics, awesome gear, and wonderful networking.”
And we are excited to have two of our technical gurus – Allen Walker out of the UK and Rick Farina from the US - presenting. As luck would have it, the organizers put the two sessions in the same time slot, so unless the attendees are completely slacking, they won’t be able to avoid both Rick and Allen at the conference.
What will they be speaking on?
Best practices, Wireless security
Watch the video from Wi-Fi Hacking 101 event series with Rick Farina, AirTight Networks senior wireless security researcher and resident hacker.
“Security? Who cares,” I hear most people say. They would quickly change their mind if they had met Rick Farina, AirTight’s ethical hacker (known on Twitter as @RickLikesWIPS). UK resellers got the opportunityat a series of Wi-Fi Hacking Events in May. The audience definitely got more than they bargained for with these workshops.
In attendance were partners who sell into all verticals varying from schools and colleges to banks and retailers. Rick was not only able to demonstrate the importance of providing a secure wireless solution, he showed the audience a range of wireless threats that hackers from around the globe may use to steal sensitive data.
Shortly following the conclusion of Blackhat’13, a few articles came out reporting wireless scanning data from the venue.
Inside the Black Hat 2013 Wi-Fi Network
Karma is a …Errr, What We Learned at BlackHat 2013
Both reports state that many security relevant events were detected in the Wi-Fi traffic during the conference. Given that Blackhat is attended by security experts, ethical hackers and just plain security geeks, finding security signatures in the traffic is not uncommon. Nonetheless, I think a few things still need to be matched up in these stats before arriving at sound conclusions.
With the ever increasing importance of Wi-Fi as the de facto access technology, WIPS plays a key role in overall enterprise network infrastructure security.
The U.S. Department of Defense (DoD) recently created a separate category for wireless intrusion detection/prevention in its approved product listing for deployments in defense agencies.
Gartner now recommends including WIPS as critical requirement in all new RFPs for wireless technologies.
Drivers for WIPS such as PCI compliance for retailers and BYOD for enterprises are compelling.
Secure Wi-Fi is also seen as medium to increase efficiency of government and public services. UK courts recently announced a program to install secure Wi-Fi in 500 court rooms. WIPS is required to make Wi-Fi secure.
How much should you care about the CMO?
A lot according to IDC. By 2016, 80% of new IT investments will directly involve line-of-business executives (Source: IDC Directions 2013).
Similarly, Gartner predicts that by 2017 the marketing arm of businesses will control more of the IT spend than IT organizations at those companies.
We’ve certainly noticed this shift. In this blog post, we highlight three customer success stories where this dynamic came into play and how we were able to effectively collaborate across the different lines-of-business.
Retail, WiFi Access, Wireless security
Can you beleive it? - yet another alert came out about a vulnerability in Cisco’s WIPS (adaptive Wireless Intrusion Prevention System or aWIPS as Cisco likes to call it):
These are some recent stories of the IT organizations who brought in wireless intrusion prevention systems (WIPS) to secure their network environments against Wi-Fi vulnerabilities and attacks, and what they encountered was the incessant flow of security alerts that they could not keep up with. That is because, the systems constantly crunched signatures and thresholds from wireless traffic to generate volume of alerts for the security admins to consume. Admins could not grasp the enormity of problems that they would face in the production deployments based on the product previews done in the tiny lab setups and based on the marketing material they saw (hey look, we have Gazillion attack signatures, configuration settings, and thresholds in here!). Learn from their experiences, and avoid the destiny they faced by asking the right questions and making the right technology choices early on. AirTight Networks to date has helped thousands of customers avoid such misery by helping them with the strongest WIPS protection without the overhead of ongoing system management. Read more…
Retailers are increasingly looking to deploy Wi-Fi in their stores. They want to provide guest Wi-Fi to their patrons and also want to deploy in-store applications such as wireless POS and printers, wireless kiosks, wireless digital signage, and HQ network access over Wi-Fi. Coupled with these business drivers there is also a wireless PCI compliance requirement to protect credit card transactions. Retailers however face some unique challenges which were hitherto not met by traditional autonomous or controller Wi-Fi solutions. Now cloud managed Wi-Fi has made it quite feasible for them to achieve these goals.
PCI, Retail, WiFi Access, Wireless security
What makes network administrators and security professionals tear their hair out – the “cool” employee who is carrying 2 or 3 or more devices and only one of them is actually issued by the company. I admit, I am one of them but not sure how “cool”, just a gadget junkie. There is a lot of advice around these days about how to manage this deluge of personal smart devices entering the enterprise, but I found much of the advice given by Software Advice and CRM Market Analyst, Ashley Furness, very solid in her recent post, “Strategies to Secure Your Enterprise in the New World of BYOD“. Some of it may seem obvious, but, often the obvious is overlooked for just that reason. We all know folks who do not change their password from “admin”. Ashley’s article is a good addition to the body of work out there about the challenges of BYOD in the enterprise. One area which is not mentioned, however, is wireless intrusion prevention (WIPS), which is the natural ally of MDM. With MDM, employees have to have an incentive to get the agent on their devices. WIPS solves that problem. AirTight WIPS as an example protects the network from being accessed by unauthorized devices – those which have credentials but are not an authorized device – by allowing administrators to set up rules which will automatically block unauthorized devices (not just rogue APs) from connecting to the network.
AirTight recently concluded a study of IT professionals to understand their attitudes, challenges and methods of dealing with BYOD and it became obvious that there is a lot of concern around this subject. As the BYOD tide rises, organizations will need to embrace various smartphones and tablets for the enterprise applications, while at the same time tackling the security challenges from consumerization. On one hand, it is necessary to ensure that the IT assigned authorized smart mobile devices are free of malware and that these devices and the data on them can be centrally managed and monitored by IT. On the other hand, IT will be required to deal with unmanaged personal mobile devices attempting to access the corporate IT
assets, since such personal mobile devices may not be within IT’s device management reach.
Additionally, increased consumerization of the smart mobile devices may also heighten the risk of rogue Wi-Fi connections on the enterprise premises. As a result, an all-encompassing approach to BYOD security will entail protection of IT assigned devices, gatekeeping the unmanaged mobile devices, and blocking rogue Wi-Fi connections. Security systems are available today which address different parts of the BYOD security problem. (See the tables below) The right combination of these security systems can be useful for a comprehensive BYOD security.
BYOD, Wireless security
Only two weeks left – take AirTight’s One Minute Survey – BYOD: Love it? Hate it?
Click the link – take the survey – enter to win an 8GB iPod Touch.
Corporate users (e.g. employees, contractors) are accessing enterprise network and data, and bypassing corporate security controls using their personal Wi-Fi devices. This uncontrolled access can open wireless backdoors into the enterprise network, malicious activity, leakage of sensitive data, and exposure to malware.
Click the link to take the BYOD survey and enter to win an 8GB iPod Touch.