Not to be underestimated the global wireless network security issues

As corporate employees increasingly demand wireless access to applications and data, wireless security becomes more important.

According to the "Global Security Survey" conducted by the Research Department of InformationWeek and Accenture in 2006, in the past year, 25% of American companies have increased their emphasis on wireless network security to the "tactical" level The corresponding proportions of European, Indian and Chinese companies are 23%, 19% and 16% respectively. Similarly, as more companies deploy Voice over IP (VoIP) technology, the importance of VoIP security has become increasingly prominent.

The convenience of wireless networks is attracting more and more companies. At mutual insurance company Amerisure (hereinafter referred to as Amerisure), enterprise architect Jack Wilson can only use a quarter of his working time to deal with security issues. Nonetheless, this number has increased by 10% compared to last year, because the company wants to ensure that its large number of employees using mobile office means can more easily access the company's system via the network. 20% of Amerisure's 800 employees log in remotely at any time. In addition to improving the work efficiency of employees, this has another advantage: there is no need to purchase larger equipment as the company grows. A small advertising company in Shanghai rented a new office suite. Because it is a well-decorated room, the property requires that it cannot be chiseled or wired under the floor. Network wiring has become a big problem. If the network cable is laid in the traditional way, the entire office will undoubtedly become a "spider web". Through the combination of laptop and wireless network, the company successfully solved this problem.

Although the wireless network has unparalleled convenience compared with the traditional wired network, the information security problems it brings do make the chief information officers (CIOs) have to weigh repeatedly.

"Wireless is very difficult to control. If enterprises have to abandon wireless due to security issues, then wireless is of little significance." Gao Hongfei, CIO of Shanghai Hengrong International Freight Co. Ltd. described security as restricting the application of wireless networks. Lian Yifeng, the National Key Laboratory of Information Security of the Chinese Academy of Sciences, said: "With the rise of wireless applications such as VoIP, we are analyzing VoIP protocol vulnerabilities through data collection and data analysis, and monitoring technologies related to VoIP are also being studied. It can be seen that the information security technology for wireless networks is not yet mature. "

But companies cannot wait for technology to mature, because mobile phones and handheld mobile devices (PDAs) continue to strengthen their functions. Even if companies do not deploy VoIP, they still face a more complex network environment. Liu Qiang, General Manager of the Enterprise Solutions Division of Nokia (China) Investment Co., Ltd., said: "The development of mobile phones and wireless handheld devices is exceptionally rapid, but the core of these devices is the PC. When the network peripheral devices are extended to smart phones or PDA , Users need to consider the security of these devices. "Clark County, Nevada, USA (Clark) in the past focused on security work in network access control, but this mode in the environment where users wirelessly connect to the network through multiple devices The next one does not work at all. So the county implemented Cisco's network access control system, using antivirus signatures and software patches to prevent substandard devices from connecting to the network. Clark County also began evaluating its VoIP in September this year to increase network integration. However, unexpectedly, new security threats accompanied VoIP. "You can't let denial of service (DoS) attacks and other issues endanger the security of voice communication infrastructure." Rod Massey, the county's CIO, said. At least, Clark County did not initially include the "911" emergency call service in its integrated network plan.

Messi said that the safety products produced in the future must be more effective, but also easier to use and manage. At the same time, he added that the current methods of using antivirus protection and software patches are relatively simple. In terms of cybersecurity, Eric Litt, chief information security officer (CSO) of General Motors (GM), favors technologies that use heuristics. He said that because this can be Monitor network behavior and record abnormal communications. Ritter said: “If we do n’t have time to respond, the system has to respond on our behalf.” New threats come with new applications. Less than a quarter of companies realize this "Wireless worries" should not be underestimated.