|
|
ADVISOR RADAR
Security Issues Raining on Bluetooth, Wi-Fi Parades
As Bluetooth and Wi-Fi networks become more prevalent, companies must deal with the problem of securing them.
Bluetooth implementations will prove to be more expensive than most companies initially expect, according to researchers with Gartner. These extra costs will go towards fixing security flaws and ensuring interoperability.
What are the problems? Bluetooth specifications are too loose to ensure products from different vendors will interoperate, and businesses will have to pick up the slack. On the security front, the specification has no policy for how to encrypt stored passwords, says Bill Clark, research director for Gartner. Faulty Bluetooth applications implementations could also lead to security breaches such as conversation eavesdropping and theft and destruction of data during Web surfing or synchronization of a personal information manager device.
Gartner says Bluetooth technology will cost businesses and consumers an additional US$5.6 billion per year globally.
"Bluetooth deployment costs will be higher than other wireless technologies because of limited interoperability and the need to implement policies to safeguard against data corruption and theft," says Clark. "Although manufacturers must have products certified by Bluetooth prior to sale, the certification does not make high-level security and interoperability between products a requirement. Therefore, the user interfaces, default configurations, and usability choices are left to the individual manufacturers to decide upon."
Left to manufacturers' discretion, these usability choices will boost the cost of ownership by $70 per year for users of mobile phones, PDAs, and PCs, Gartner estimates.
Gartner recommends the following for IT buyers and decision makers investigating Bluetooth technology:
- Buy products that have security activation and include additional protection such as combination passkeys and key length enforcement.
- Request security qualification reports for all Bluetooth devices from vendors and base purchasing and support decisions on them.
- Educate employees on how to configure Bluetooth-enabled devices and discourage them from sharing Bluetooth passkeys in public settings.
Wi-Fi security proving problematic, too
Bluetooth's main competition for wireless networking, the 802.11b standard (Wi-Fi), is experiencing security problems of its own. The networks have become popular targets for "drive-by attackers" who've made a hobby of tapping into systems wirelessly from outside office buildings.
As Wi-Fi networks proliferate, so do the people trying to compromise well-known security holes within the 802.11b standard, say analysts with the Meta Group. In fact, many of these attackers have started making physical chalk markings on buildings and sidewalks at locations where Wi-Fi networks are present in order to alert other enthusiasts to the presence of the wireless network.
Meta Group analysts say you should view this "war chalking" as another confirmation that Wi-Fi networks must be proactively secured. In addition, companies should conduct periodic network audits and remove any rogue access points from the network.
ARTICLE INFO
Web Edition: 2002.09.12, Doc #11110
 FREE ACCESS
Keyword Tags: Administration, Bluetooth, Business Software, Business Technology, Infrastructure, IT Networking, IT Strategy, Mobile, Mobile Business, Mobile Development, Network Management, Security, Software Development, Tech Management, Technology Management, Tech: Management, Tech: Networking, Wireless, Wireless Development, Wireless LAN (Wi-Fi)
ADVISORAMA Be yourself! is about the worst advice you can give some people. -- Tom Masson |
|