Wi-Fi Security Still a Challenge for Business Users

PC security still has a long way to go.

While many computer users today are more vigilant, there are still holes to exploit. And Wi-Fi is one of the biggest culprits.

It reminds me of The Simpsons’ episode “Last Exit to Springfield,” where Mr. Burns and Smithers go through numerous steps to reach the nuclear power plant's master shutoff -- and when they reach it the room has a broken, rusty screen door leading straight outside.

That scene pretty much sums up the problem with securing a business Wi-Fi network if you're not extremely careful. And it's just one of many reasons why I’m still a wired guy when it comes to my home office network.

As I noted when discussing security concerns over the iPad and Israel last year, I run long lengths of RJ-45 and Cat-5 cable. But in spite of that, I’m still relying more on Wi-Fi both at home and on the go.

Many hotels now offer Wi-Fi. The irony is that the large chains tend to offer free Internet, whereas the boutique hotels (which tend to cost more to boot) charge for the service.

I also regularly connect to unsecure networks at trade shows and conferences, and in those cases I'm far from alone. It's also ironic to be at a large event with other technology journalists and have everyone logging on to an unsecured wireless network -- while signs on the press room say "not responsible for unattended laptops."

Are the organizers responsible for unprotected files on my laptop?

Back at my home office I’ve started to go wireless more often as I use my tablet PC in the living room and have a laptop in my collectibles room that isn’t wired. But with all of these devices I’m thinking of security first.

A security-first approach  actually reduces the freedom these devices give me. But I’m taking the approach that it is better to be safe than sorry.

Apparently my vigilance is not as widely shared as I’d expect. 

According to new research from Wi-Fi Alliance, as reported by PC World, 86 percent of Wi-Fi users take the most basic steps in setting up access points. Of those 97 believe their data is “safe and secure,” yet 59 percent failed to use passwords that meet current security criteria.

Additionally, only about 62 percent turn off Wi-Fi network auto-sharing, and only 18 percent relied on VPNs when using a wireless hotspot.

The Wi-Fi Alliance, and most security experts for that matter, recommend using strong Wi-Fi passwords and changing them regularly. They also recommended that users turn off automatic sharing, especially when devices connect to potentially suspect networks.

It might make easier to share files among colleagues with it turned on, but consider the fact that if you can get to it, so can anyone else. If it is a public network you’re basically opening up your data to anyone else on it!

The Wi-Fi Alliance also recommends enabling the WPA2 security protocol. This of course isn’t always possible for road warriors and those who have to rely on outside networks. In this case users should limit what is accessible when they log on to these networks.

But WPA2 is recommended for office networks, even the home office, as are those aforementioned “strong passwords.” And this brings up another issue, one I personally have mixed feelings about. Passwords are already difficult enough to remember. Security experts suggest these should be eight characters long with a mix of  lowercase and capital letters, numbers and symbols. In other words something very difficult to crack, but equally hard to remember. Most IT professionals will insist you don’t store passwords on your computer, and certainly it shouldn’t be written down.

In other words, Wi-Fi is great as it lets users cut the cord and still get connected. But with this freedom comes need for security. To paraphrase Benjamin Franklin and put a spin on it, “He who sacrifices security for freedom deserves neither.” Sad but true when it comes to going wireless.