WPA includes two new security measures. One is TKIP (temporal key integrity protocol), which scrambles the keys with a hashing algorithm, ensuring that they haven't been tampered with through added integrity checking. The other is EAP (extensible authentication protocol), which offers a more secure method to authenticate users logging onto a network.
In addition to manufacturers building advanced security features into their WiFi equipment, new wireless Internet service providers (WISPs), like iPass Inc. in Redwood Shores, Calif., and Megabeam Networks Ltd. in London, offer their own VPN software.
"We are rolling out a VPN service for our WiFi customers on a pan-European scale, allowing them to roam securely on hotspots scattered across the continent," said Raj Burman, senior business development manager at the London office of iPass.
Other players, like T-Mobile International AG in Bonn, Germany, also plan to provide tunneling support. "We will support the VPN systems used by companies and also plan to offer our own mobile VPN client software," said Otto Carsten, product manager of data services at T-Mobile. T-Mobile's U.S. subsidiary operates one of the largest WiFi networks in the country.
How successful these offerings will be, however, remains to be seen.
"We wouldn't want to purchase a VPN service from a service provider," said Bjarke Christensen, vice president of communications and IT infrastructure at the international healthcare company Novo Nordisk A/S in Copenhagen. "We believe you can outsource just about everything except security. This is something we want to control ourselves."
Despite his concerns about security, this is an IT manager who totally embraces WiFi. Novo has installed over 2,000 laptops with WiFi cards and VPN client software, in addition to building hotspots at its sites across Europe. "Two years ago we had around 300 employees using WiFi, Christensen said. "Within the next three years, we hope to have the entire staff of over 16,000 equipped to use it."
However, other companies, even with vast VPN experience, are showing more caution.
Consumer goods manufacturer Unilever PLC in London is currently testing the waters with WiFi, before taking the big dip. "We're definitely interested in the technology and how it can increase productivity but, at the same time, we're concerned about increasing security risks and adding complexity," said Nick White, global infrastructure director at Unilever. "We're still not finished implementing our global fixed-line VPN network after more than three years of work on it because of the complexity of the job. So we'll think long and hard about how we would want to install VPN software on thousands of laptop PCs within the group."