You are on page 1of 3

Close Window

NOVEMBER 11, 2003

Wi-Fi Starts Leaping Security Barriers

As it proves its worth at work, companies are buying new products and services that help remove the worry of open access
Six months ago, Al Fitzpatrick sat at his desk in a skyscraper in Atlanta's Buckhead district and wondered what his wireless-enabled neighbors were up to.
He had no evidence that anyone was trying to hack into the wireless networks at the Atlanta headquarters of S1 (SONE ), a financial-services software
company where Fitzpatrick is chief security officer. With $250 million in annual revenues and thousands of institutional customers using S1 software to
manipulate highly sensitive financial data, Fitzpatrick had reason to be cautious.
S1 already used so-called virtual private networks (VPNs) -- encrypted communications tunnels that carry sensitive data traffic over the company's growing
web of wireless networks. So Fitzpatrick knew his wireless data was relatively secure. Still, with "drive-by hacking" and successful break-ins of VPNs
becoming more prevalent, Fitzpatrick figured better safe than sorry. "I like to be in control of my network," he says. "It's not knowing what's out there that
worries me."
So last August, he purchased a wireless intrusion-detection system from AirDefense. The two-year-old Alpharetta (Ga.) startup sells monitoring devices that
can help network-security managers spot break-ins that use wireless antennas as well as "rogue hotspots" -- unauthorized Wi-Fi access points installed by
employees whose PCs are on a company's network. If configured poorly, these hotspots can allow anyone within a few hundreds yards to tap into corporate
networks, bypassing firewalls and other security systems.
TIME TO BEEF UP. Fitzpatrick didn't find any rogues at work, but he was amazed to find something else: It seems that S1's Wi-Fi signals overlapped with

those of another company in the high-rise office building. "We were picking up their transmitters, and they were picking up ours," says Fitzpatrick. S1
promptly moved some of its access points to keep them out of range of the neighboring networks. With AirDefense now set to sound the alarm if a rogue
hotspot appears in S1's headquarters, Fitzpatrick feels safer using Wi-Fi.
He's hardly alone in recognizing the need to beef up wireless security: Hospitals, government agencies, banks, insurers, and manufacturers are installing
more and more corporate Wi-Fi security systems. The sector remains small, with revenues of pure-play wireless-security companies only $156 million this
year, according to networking and security research consultancy Infonetics in San Jose, Calif., which predicts that the tally could swell to $564 million by

"We nearly doubled our number of customers in a single quarter and did more revenue than we had done in the previous year.and has helped persuade Bluesocket customers like Linda Reino to roll out Wi-Fi that's protected by the new security systems. As a result. CEO of Bluesocket. the health-care and financial-services industries have remained wary. "That means wireless. "What we're seeing from a lot of organizations is recognition that wireless isn't an overlay but an extension of their networks. reflects a delayed reaction. TREADING CAREFULLY.000-employee hospital and health-care company headquartered in King of Prussia. thanks to falling prices on Wi-Fi equipment and improvements in security. managing director of Sprint's (FON ) mobile-computing services. and it has access to lots of things that I might want. I can install some software on that laptop and control it. The spread of Wi-Fi has also stoked interest in locking down all laptops and mobile devices that come with Wi-Fi cards to prevent a company PC from getting hacked when it's outside the office. Their concerns have been compounded by the fact that Wi-Fi developed a reputation for poor security after researchers found serious flaws in its first security standard." The growing corporate interest in Wi-Fi has also attracted many established security and networking players. that posted revenues of $3. This generally has meant installing software firewalls on laptops and personal digital assistants." says Bruce Friedman. Other early Wi-Fi security efforts from networking giant Cisco Systems (CSCO ) and software giant Microsoft (MSFT ) failed to pass muster among the paranoid set. a 60-person Burlington (Mass. thanks to their legal obligations to protect privacy and maintain the security of customer information. The fact that those figures. "The users aren't waiting." says John Pescatore. "A HIGHER LEVEL. In particular." The plunging price of commercial-grade Wi-Fi access points has helped boost demand -.. "You're seeing tools and hardware that are more geared to enterprises that want to integrate wireless into an existing network. Pa.The rise in wireless-security spending will parallel an increase in corporate outlays on Wi-Fi equipment. senior product marketing manager at firewall giant Check Point Software (CHKP ) in Redwood City (Calif. a crop of Wi-Fi startups sprang to life to develop more secure systems -and chase dreams of wireless riches. such as corporate networks. While American consumers have gone ga- ga over Wi-Fi.) company that builds hardware and software for encrypting wireless networks. But we felt we needed to have a higher level of security surrounding patient data than you would normally have over a wireless network. Some of those are beginning to cash in." says Eric Janszen. corporate and public-sector customers have remained more cautious -. if you're going to get any efficiency in your data collection and distribution. Universal had run a number of Wi-Fi pilot projects in recent years but had refrained from a companywide rollout.because of worries over security.7 billion in 2007." LAPTOP HIJACK. "We picked up 161 new customers last quarter. aren't blockbusters." The pressure for corporations to spend on Wi-Fi and accompanying security will likely increase as more and more employees install their own hotspots to enable roaming from office to office at work." explains Mark Kraynak. which argue that wireless security shouldn't be separate from other network security. "In health care. called wireless equivalent privacy (WEP). which Infonetics says should rise from $865 million in 2003 to $1." Reino is the chief information officer of Universal Health Services (UHS ) a 26. "If I can sit near someone whose laptop is on a public wireless network at Starbucks or at a conference and is unsecured. vice-president for network security research at tech .).6 billion in 2002." says Reino. Now that looks imminent. "Now I have control of the victim laptop. while solid. you have to get to the patient's bedside or get next to the clinician.

they're so cheap. By Alex Salkever. by The McGraw-Hill Companies Inc. "They can hide [Wi-Fi purchases] on expense vouchers. All rights reserved. Technology editor for BusinessWeek Online Copyright 2000-2004." Sooner or later. that'll be money in the bank for the wireless security startups as well as for the big networking companies that seek to profit from the Wi-Fi boom. Terms of Use Privacy Notice .consultancy Gartner.