SIP Trunking

Security Featured Article

May 15, 2009

AirTight Reveals Wi-Fi Security Risks for Airspace

By
In a recently released survey, AirTight Networks has exposed the wireless security vulnerabilities in the financial districts of New York, Chicago, Boston, Wilmington (DE), Philadelphia, San Francisco and London.

 
As the use of wireless devices and networks increases, companies are increasingly at the risk of exposing sensitive data to the hackers through the wireless networks. For hackers, it’s easier to hack a wireless network than a wired network.
 
According to the survey, 57 percent of the airspace scanned was dominated by open or WEP encrypted access points. It makes it very easy to sniff, decode, capture or misuse this data. Also, when connected to an internal network, open and WEP encrypted access points pose a serious risk to the network. The survey also discovered several instances of open APs that were connected directly to internal networks and leaking the identities of active users including company executives.
 
“In light of some rather spectacular data breaches involving financial information in recent years -- both wired and wireless -- in financial districts we expected to find well protected and configured networks, open or guest access isolated from corporate networks and strict enforcement of Wi-Fi security policies," said Pravin Bhagwat, CTO of AirTight. "What we found instead should give pause to security administrators working in industries with highly sensitive information such as financial services.”
 
AirTight has developed a list of best practices for the companies to safeguard their networks. To start with, the companies can opt for WPA, preferably WPA2, rather than WEP. They can also conduct ongoing wireless security audits and scans to detect the presence of unauthorized Wi-Fi devices and activity in your premises.
 
The company recently announced it has joined the QualysGuard PCI Connect Ecosystem launched today at the RSA Conference 2009 by Qualys. AirTight is integrating its unique SpectraGuard Online service to provide automated data feeds for wireless vulnerability management into QualysGuard PCI Connect. SpectraGuard Online is a modular hosted service using the same AirTight award-winning, patented, multi-tenant architecture.

Raju Shanbhag is a contributing editor for TMCnet. To read more of Raju’s articles, please visit his columnist page.

Edited by Jessica Kostek


Comments powered by Disqus


Videos

    NEW Partner Program Overview: Over 4,000 VARs, Master Agents, Solution Providers, and Independent IT Professionals trust Broadvox. We offer customized services and solutions to fit seamlessly into any company's business model. And when you partner with Broadvox, every member of our team stands behind you and your customers 100%....

  • SIP Trunk UC Summit
Resources
Presenting the New Ingate/Intertex Website: Internet+ is an extended Internet access allowing high quality SIP (Session Initiation Protocol) based real-time person-to-person communication, everywhere and for any application. It applies to both fixed and mobile networks ...
What's New?
Webinars
Podcasts