Two ways to stay ahead in the security race
<FONT SIZE=2>Security is a race that is never won. The only goal is to stay ahead of your opponent.</FONT>
Security is a race that is never won. The only goal is to stay ahead of your opponent.
Today, the good guys have fallen behind in two main areas: wireless and printers. Companies are just starting to play catch-up to retake the pole position.
Industry faces an obvious shortfall in the area of wireless security. As the industry pushed forward and demanded more speed for wireless networks with the new 802.11a standard, security has been left largely in the dust.
When we first encountered 802.11a at the Comdex computer show two years ago, the advantages were obvious. It was fast enough that you could stream a movie off a server, over the 802.11a network and into a remote laptop. But security was extremely lax and handled primarily by directional antennas that could direct the signal inward from interior walls.
Even today, many 802.11a companies have not added the ability to join a Remote Authentication Dial-In User Service server, or Radius server, as part of their feature set. The logic is that because signals on a network only travel a maximum of 70 feet or so, it is unlikely that anyone could hack in and steal data.
This type of thinking, however, causes problems. Remember it only took a couple of box cutters -- then considered such a small threat that you could legally carry them at airports -- to hijack the airplanes used in the Sept. 11th terrorist attacks.
Thankfully, this logic is changing. Every company we talked to said security is now the No. 1 priority, and that the Radius server protocol soon would be added to their access points, effectively locking down even the weak 802.11a signal by marring access to the authentication server. You might expect a bit of a price bump as it becomes standard.
While the security hole in wireless has been evident for some time, vulnerabilities in the printer -- the least noticed peripheral in a network -- have gotten little attention.
Recent technologies have made buying a new printer a smart choice. Printers are faster, quieter, perform more tricks and are now so energy efficient that they can save money not only by improving office efficiency, but also by lowering energy costs.
However, with modern printers come modern problems. Nowadays, most printers operate with a hard drive no different than the hard drive in many computers. All a savvy criminal has to do is gain access to a network printer and, in two to three simple steps, remove the hard drive. All the information of every file printed, copied, scanned and faxed through that printer is now in the criminal's hands.
To remedy these vulnerabilities, companies such as Sharp Systems of America are not only locking down the hard drives, they also are prompting users to erase the hard drive after use or at a periodical juncture.
Furthermore, Sharp has created proprietary software, compatible with most brands of printers, that encrypts all transmissions sent to the printer from users. These encryptions render the data useless to anyone monitoring a printer to intercept sent data.
Although the means to plug up these security holes are available for your office or network printers, they often go overlooked. Hopefully, the next generation of printers will come with security measures already in place.
The bad guys are always looking for a way to zoom ahead in the security race. By shoring up your wireless security and eliminating printer vulnerabilities, you can help keep them in your rearview mirror. *
John Breeden II and Carlos Soto review new products and solutions for Government Computer News. They can be reached at jbreeden@postnewsweektech.com and csoto@postnewsweektech.com.
Today, the good guys have fallen behind in two main areas: wireless and printers. Companies are just starting to play catch-up to retake the pole position.
Industry faces an obvious shortfall in the area of wireless security. As the industry pushed forward and demanded more speed for wireless networks with the new 802.11a standard, security has been left largely in the dust.
When we first encountered 802.11a at the Comdex computer show two years ago, the advantages were obvious. It was fast enough that you could stream a movie off a server, over the 802.11a network and into a remote laptop. But security was extremely lax and handled primarily by directional antennas that could direct the signal inward from interior walls.
Even today, many 802.11a companies have not added the ability to join a Remote Authentication Dial-In User Service server, or Radius server, as part of their feature set. The logic is that because signals on a network only travel a maximum of 70 feet or so, it is unlikely that anyone could hack in and steal data.
This type of thinking, however, causes problems. Remember it only took a couple of box cutters -- then considered such a small threat that you could legally carry them at airports -- to hijack the airplanes used in the Sept. 11th terrorist attacks.
Thankfully, this logic is changing. Every company we talked to said security is now the No. 1 priority, and that the Radius server protocol soon would be added to their access points, effectively locking down even the weak 802.11a signal by marring access to the authentication server. You might expect a bit of a price bump as it becomes standard.
While the security hole in wireless has been evident for some time, vulnerabilities in the printer -- the least noticed peripheral in a network -- have gotten little attention.
Recent technologies have made buying a new printer a smart choice. Printers are faster, quieter, perform more tricks and are now so energy efficient that they can save money not only by improving office efficiency, but also by lowering energy costs.
However, with modern printers come modern problems. Nowadays, most printers operate with a hard drive no different than the hard drive in many computers. All a savvy criminal has to do is gain access to a network printer and, in two to three simple steps, remove the hard drive. All the information of every file printed, copied, scanned and faxed through that printer is now in the criminal's hands.
To remedy these vulnerabilities, companies such as Sharp Systems of America are not only locking down the hard drives, they also are prompting users to erase the hard drive after use or at a periodical juncture.
Furthermore, Sharp has created proprietary software, compatible with most brands of printers, that encrypts all transmissions sent to the printer from users. These encryptions render the data useless to anyone monitoring a printer to intercept sent data.
Although the means to plug up these security holes are available for your office or network printers, they often go overlooked. Hopefully, the next generation of printers will come with security measures already in place.
The bad guys are always looking for a way to zoom ahead in the security race. By shoring up your wireless security and eliminating printer vulnerabilities, you can help keep them in your rearview mirror. *
John Breeden II and Carlos Soto review new products and solutions for Government Computer News. They can be reached at jbreeden@postnewsweektech.com and csoto@postnewsweektech.com.