Fears about drive-by hackers helping themselves to the account details of financial institutions have left their mark on the wireless market. Wireless local area networks (Lans) were seen as having a big problem with security.
But these hacking scares hit the headlines two years ago. And two years is a long time in IT. Despite efforts by the Wi-Fi Alliance to plug gaps and instigate rigid security measures, there is still a perception that wireless Lans are unsafe.
It is a perception that appears to be unfounded, but it does present resellers with the challenge of educating their customers.
"There is still a lot of fear about security, driven mainly by high-profile hacking incidents and widespread reports of 'war chalking' [where hackers chalk a symbol on a pavement to indicate a nearby wireless network]," says Damian Penney, sales and marketing director at wireless Lan vendor LXE.
"Mud sticks, and as an industry we have to overcome this by being clear about where the security threat is coming from, how dangerous it is to a particular business and how we can combat it with a range of security technologies."
Most vendors in this space recognise the need to hold the hands of their resellers and their resellers' customers to try to overcome the detrimental images of past wireless Lan security flaws.
The first point resellers should be making is that wireless Lans are now more secure than wired Lans. At least, that's the view of wireless Lan vendors, who claim that wireless Lans have been given special attention and now contain greater security measures than their wired cousins.
"Wireless is more secure than a wired network," says Peter Blampied, operations director for EMEA at US Robotics. "On a wireless network you can set up the encryption of data, as well as user authentication, whereas with wired networks you just have authentication."
Blampied admits that high-profile security problems with wireless standards have damaged the market to some extent, but he believes these problems are now behind us. "The authentication systems in wireless are much stronger than they were a year ago," he says.
"There is a new WPA [Wi-Fi Protected Access] encryption protocol where every packet is encrypted with a different password. There are over three billion passwords for this."
This is undeniably a massive step forward and resellers need to get their heads around the technology updates and various security standards that have emerged over the past 12 months. Blampied is convinced that if resellers can get to grips with this then there is no reason why they cannot convince their customers to install wireless networks.
With one of the two main objections out of the way (the other being performance speeds) the advantages of wireless are apparently obvious.
In the US, a report by research firm Infonetics has suggested that wireless Lan penetration will double over the next four years, despite the fact that most businesses still have concerns about security. It found that security completely dominates the features wish lists for wireless Lan access points, switches and routers.
Over three-quarters of respondents use firewalls to secure their wireless Lan, with over half using intrusion detection, IP security virtual private networks and Secure Socket Layer. In short, it found that enterprises are relying on the same techniques to protect both wired and wireless Lans.
While the UK and other European markets are different to the US, this shows how businesses are recognising the benefits of wireless Lans and looking to manage their usage more carefully to overcome potential security issues that the technology has not solved. It suggests that security is key to wireless Lan market penetration but not necessarily a major inhibitor.
Gunter Ollmann, manager of X-Force Security Assessment Services at Internet Security Systems, agrees. "In general, most users do trust wireless technologies now. However, this is less of an informed decision and more ignorance of the threat and consequences," he explains.
"It is still largely IT/technical professionals that understand the significance of the wireless threats and use it in one of two ways: an 'I don't care' attitude because the data is not deemed valuable; or a 'I'm more secure than others' attitude and there are easier targets should someone wish to attack.
"As far as trust is concerned, it is very much a blind, uninformed trust."
In fact, the concerns among consumers and businesses with wireless security are not isolated. They reflect a wider concern for data and access security, regardless of the technology.
Denial-of-service attacks, viruses, hacking and network intrusion have all fuelled this concern, and as a result, spending on security products is witnessing "explosive growth", according to research company IDC, and growing at twice the rate of other IT categories.
According to John Gantz, IDC's chief research officer: "Corporate spending on security and business continuity has been held back by two factors: uncertainty about the severity of risk posed by security threats and ongoing budget austerity.
"However, any scepticism about the potential consequences of a security breach is fading fast as enterprises seek to improve their ability to manage organisational risk."
Trust in wireless
This can be applied to wireless Lans as to any other part of the IT business. Getting this message across to resellers is, however, a time-consuming process, and for many resellers it may seem like too much of a burden.
Blampied is not convinced that most resellers really have their heart in wireless, or if they do, they don't really understand how to sell it. The historical problems over security issues and performance speeds have gone a long way to planting doubt not just in businesses but resellers too.
"I think some resellers have decided to make a business from wireless Lans, but they are few and far between," says Blampied, who has recently returned from a tour of US Robotics' wireless product resellers.
"Most of the resellers we met were not aware of the issues. There's confusion about what is and what isn't possible."
It is an interesting statement, given the research statistics and market forecasts indicating huge growth of wireless Lan sites in businesses as well as homes. So is there a widespread lack of wireless Lan security skills among resellers?
Ian Kilpatrick, chairman of specialist distributor Wick Hill, admits that resellers still have to learn. "There is a standard for security over wireless, which is WEP [Wired Equivalent Privacy] 802.11b. However, this standard is both flawed and weak, being ineffective and easily broken.
"Some resellers are aware of the WEP standard but don't enable it properly when they've set up wireless. Some enable it but aren't aware that it isn't very effective."
This situation is confirmed by 3Com, although not to such a great extent. It has driven the company to implement a consultancy programme for its resellers.
Bob Honour, solutions manager at 3Com, claims about 30 per cent of its resellers have the necessary wireless Lan knowledge in terms of security and implementation.
However, he expects this to improve with the ratification of the 802.11i security standard and the subsequent release of next-generation wireless access points and gateways.
"What we'll see is the market starting to grow as we end up with greater security on wireless Lans than we have on Ethernet," says Warner. It's a widely supported view. Nick Bharadia, pre-sales engineer at D-Link, says like their customers, resellers have also fallen foul of the perception of wireless security. But things are now changing.
"We've been running training courses for resellers for a year now on a range of subjects including wireless broadband and wireless Lans, which includes how to implement security measures. The wireless courses are booked up six months in advance, so the interest is there," he says.
Bharadia claims that few wireless Lan vendors are actually doing this for the channel and believes that it is an essential part of the process if they are to see a sales return. Few would argue with that.
The vendor role in helping resellers understand the various facets of wireless Lan security is essential, but we are reaching a point in the evolution of wireless Lans where security measures are becoming part of the products.
"It's a bit like cars in the UK having air conditioning systems," adds Penney. "It used to be an optional extra for which you paid a premium, but now it is becoming pretty much standard."
So where does the reseller rely on the standard issue of security measures and where is the potential for bolting on additional security technologies with the added bonus of set-up and configuration?
"SoHo [small-office/home-office] users can usually get by with standard encryption and WPA," claims Bharadia. "It's financial institutions in the City that tend to need the VPNs and the firewalls."
Opportunities for resellers
It is a simple way to divide the market, but in reality each business will have its own security needs, maybe even a security policy that has to be adhered to. So for the reseller, there should be plenty of opportunity for pre-sales consultancy, configuration and after-sales support.
"There are many different ways to install and secure wireless Lans, including access control lists on access points, enforcement of VPNs, treating the wireless Lan as a separate network, treating it as an extension of the wired Lan but having distributed edge security, WEP, 802.11x, Media Access Control address reservation, VPN concentrators, firewall and DMZ," says Alan Bentley, channel manager at security distributor Ellipse.
"A reseller moving into this market can quickly demonstrate a USP to the customer by being knowledgeable about the many different aspects of installing and maintaining a secure and performing wireless Lan. The market is booming and the lack of skill sets within the end-user community is high.
"This points to high service revenue generation for well-educated and supported VARs."
The key for wireless Lans here is that there is no shortage of companies probing the security issues to try to resolve them and come up with an unbreakable solution.
Built-in firewalls are becoming the norm for gateways and access points, but according to RSA Security, this is not the weakest point for wireless security. Notebooks are the weakest point. A company can have the best technology, but often the biggest problems occur due to a lack of education.
The wireless revolution will, of course, continue. The security implications of a more converged networking society that includes mobile devices means wireless security will always be in demand. It represents an educational challenge and a big sales opportunity.
Know your wireless security
The depth of security provision will usually depend on the nature of the business or individuals that are using the wireless Lan. For basic usage there is Secure Socket Layer protection. Generally this is deemed suitable for home users.
However, if your customers' data is confidential and they demand additional security, there are several different technologies that could be implemented. On a basic level, this can include enabling 64-bit or 128-bit Wi-Fi encryption (Wired Equivalent Privacy, or WEP), changing your password or network name and closing your network.
On a more sophisticated level, there are technologies to secure the business network, depending on your needs:
- Remote Access Dial-Up User Service Authentication is a user name and password authentication system to restrict access to a particular wireless Lan.
- Media Access Control (MAC) filtering is part of the 802.11b standard and every Wi-Fi radio has a unique MAC number allocated by the manufacturer.
- A virtual private network is perhaps the most secure way to enable communications between a corporate network and remote-access workers.
- Firewalls block unauthorised access to files and systems. Some Wi-Fi gateways and access points contain built-in firewalls.
- 802.1x is an authentication standard developed by the Institute of Electrical and Electronics Engineers and Wi-Fi Alliance.
- 802.11i is a draft standard designed to improve wireless Lan security. It describes the encrypted transmission of data between 802.11a and 802.11b wireless Lan systems.
RSA Security has conducted its own research into how easy it is to access London's wireless Lans. With a hand-held scanner, researchers were able to pick up information from company wireless networks by simply driving around the streets of London.
The company found 63 per cent of the networks surveyed were left on default configuration, clearly identifying the firm owning the data and where it was coming from. The researchers could also pinpoint exactly how many wireless network access points and wireless-enabled laptops a business has. The research highlights that many firms are failing to:
- Effectively encrypt the data travelling across their wireless networks, enabling hackers to simply pluck company secrets from the air.
- Change default information on their systems that broadcast the company's name, location and technical information that can allow hackers to crack any encrypted network.
- Secure wireless network access points, allowing hackers to set up rogue access points to capture company information.
- Secure data on wireless-enabled laptops, allowing penetration of local drives and company data.
How to Sell: Wireless - Part 1 - Joining the wireless set
3Com (01442) 438 000
D-Link (020) 8731 5555
Ellipse (0870) 871 0771
Enterasys (01635) 580 000
ISS (0800) 085 2976
LXE (01494) 464 680
RSA Security (01344) 781 000
US Robotics (0870) 844 4546
Wick Hill (01483) 227 600
Andy Gillett has been appointed GM for the UK and Ireland
UK is one of two countries to see rollout of vendor's newest subscription service
Dell EMC partner 'very keen' to make acquisition
Robotics company UiPath claims to now be valued at $3bn after $225m funding round