November 21, 2002, 3:28 PM — What began as a fun gizmo for U.S. computer buffs has become the world's fastest growing wireless data technology. WiFi, or Wireless Fidelity, is a wireless LAN standard that IT managers can no longer afford to ignore.
Islands of wireless broadband connectivity, called hotspots, are sprouting up in airport lounges, conference centers, hotels and other public areas around the world, delivering Internet access at speeds corporate road warriors would kill for.
Problem is, the technology is not without its risks, especially for businesses like banks and insurance companies with stringent network security requirements.
The solution could already be on many enterprises' front step: VPN (virtual private networking). But implementing the technology over a network of mobile users will require some effort and commitment.
While much work has been done to improve WiFi security in recent months, the most advanced security technology in the world is worthless if users aren't forced to use it. That means IT managers -- whether they want to or not -- need to get a handle on WiFi technology and craft a strategy that prevents security breaches before they happen.
"It's a bit of a Catch 22 situation," said Andy Rolfe, an analyst at the London office of Gartner Inc. "Even if many businesses don't feel ready for wireless LAN technology just yet and prefer to ignore it, they run the risk of their department managers or employees at home buying and installing rogue WLAN equipment and creating security problems because they're not taking control."
While some companies are rushing to embrace WiFi, others are showing greater reserve. The speed at which they're moving, it appears, depends in part on how comfortable they feel about their present level of network security.
Enterprises that have acquired expertise with VPN (virtual private network) technology appear to be less worried about remote access security than those without, according to Rolfe. Using VPN, companies can build "tunnels" over the public Internet to give remote workers secure access to their intranets.
"Security isn't an issue for companies that have gone through the pain of mastering VPN dial-up service," Rolfe said. "It is an issue, however, for companies without VPN experience that aim to rely on WiFi encryption technology."
Not that WiFi equipment is totally insecure. On the contrary, major manufacturers of wireless networking products have taken huge steps to shore up security gaps in WiFi technology. Most recently, as members of the Wi-Fi Alliance, they have thrown their support behind a new standard, Wi-Fi Protected Access (WPA), which will replace the flawed WEP (wired equivalent privacy) protocol.
WPA includes two new security measures. One is TKIP (temporal key integrity protocol), which scrambles the keys with a hashing algorithm, ensuring that they haven't been tampered with through added integrity checking. The other is EAP (extensible authentication protocol), which offers a more secure method to authenticate users logging onto a network.
In addition to manufacturers building advanced security features into their WiFi equipment, new wireless Internet service providers (WISPs), like iPass Inc. in Redwood Shores, Calif., and Megabeam Networks Ltd. in London, offer their own VPN software.
"We are rolling out a VPN service for our WiFi customers on a pan-European scale, allowing them to roam securely on hotspots scattered across the continent," said Raj Burman, senior business development manager at the London office of iPass.
Other players, like T-Mobile International AG in Bonn, Germany, also plan to provide tunneling support. "We will support the VPN systems used by companies and also plan to offer our own mobile VPN client software," said Otto Carsten, product manager of data services at T-Mobile. T-Mobile's U.S. subsidiary operates one of the largest WiFi networks in the country.
How successful these offerings will be, however, remains to be seen.
"We wouldn't want to purchase a VPN service from a service provider," said Bjarke Christensen, vice president of communications and IT infrastructure at the international healthcare company Novo Nordisk A/S in Copenhagen. "We believe you can outsource just about everything except security. This is something we want to control ourselves."
Despite his concerns about security, this is an IT manager who totally embraces WiFi. Novo has installed over 2,000 laptops with WiFi cards and VPN client software, in addition to building hotspots at its sites across Europe. "Two years ago we had around 300 employees using WiFi, Christensen said. "Within the next three years, we hope to have the entire staff of over 16,000 equipped to use it."
However, other companies, even with vast VPN experience, are showing more caution.
