Computerworld - The new security features that wireless LAN vendors plan to build into products under the Wireless Protected Access (WPA) program will do little to protect enterprise or individual users in the booming Wi-Fi public-access "hot spot" market.
That market got another boost yesterday as Redmond, Wash.-based T-Mobile announced plans to provide such service in clubs and lounges operated by American Airlines Inc., Delta Air Lines Inc. and United Air Lines Inc.
John Pescatore, an analyst at Gartner Inc. in Stamford, Conn., said public-access providers such as T-Mobile and Boingo Wireless in Santa Clara, Calif., typically don't turn on any form of security, because to do so would inhibit their business by reducing the convenience of the high-speed (11M bit/sec.) Internet access these operators sell.
Pescatore advises that mobile enterprise workers use a virtual private network (VPN) connection if they intend to use a public-access WLAN service to tap into a corporate database or e-mail server. He also suggests that anyone using a public-access Wi-Fi service install a personal firewall to prevent snooping by other users on the same public network.
Peter Beardmore, senior marketing director at Colubris Networks Inc., which sells a "hot spot in a box" WLAN setup through Boingo, said public-access WLAN users without a firewall run the risk of another airport or coffee shop user poking around in their files using the "Network Neighborhood" tools found in the Windows operating systems.
Beardmore said Colubris, based in Laval, Quebec, helps Boingo prevent this kind of casual sniffing by "forcing all traffic upstream" to a Colubris server either incorporated into the access point or separate from it. This technique, Beardmore said, prevents what he called "paper-to-peer" sniffing of one client on a public-access WLAN network by another.
But Bearmore agreed with Pescatore that enterprise users should also protect their data through the use of a VPN.
Eventually, he said, public-access providers could build the authentication part of WPA into their servers for monthly customers, providing companies such as Boingo with a way to authenticate the identity of regular -- though not casual -- customers.
Read more about Security in Computerworld's Security Topic Center.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
