Integralis Calls On Businesses To Undergo “Wireless Mots”
Companies Are Failing to Test Wireless Security Measures Before Deployment 70% of businesses using wireless networks are insecure, despite having followed industry best practice guidelines in their implementation, according to security systems integrator, Integralis.
The company has seen a significant rise in companies deploying or using wireless technology in the first half of 2003, but many are still not aware of the importance of testing to their projects.
“The time delay between going ‘live’ and testing is the key issue,” suggests Tim Ecott, managing consultant at Integralis. “Most companies are failing to effectively road test their systems prior to general usage and are therefore exposing themselves to unnecessary risks. A wireless implementation must be thoroughly tested before it goes live to ensure basic security issues are addressed”.
Integralis has found that whilst companies are becoming more aware of the need to follow best practice guidelines (including such measures as VPNs, Firewalls, activating encryption technology and establishing a strong policy), but that those same organisations are waiting until the system is in use before they decide to test its resilience to attack.
Ecott cites the main reason for this pattern as the stigma attached to ethical hacking:
“Ethical hacking is a process that many companies are not comfortable with, but some form of penetration testing is essential for any organisation deploying wireless technology. You wouldn’t drive a car if it didn’t have a MOT certificate to show it was roadworthy and a similar mentality should be applied to a wireless network. Too many companies delay the testing process, or in extreme cases do not bother at all.”
Integralis is also calling for businesses to update security policies to account for wireless networks, addressing issues such as the use of unauthorised access points and wireless cards and to increase employee vigilance.
From its experience in testing wireless networks, Integralis cites a number of reasons for companies’ belated interest in security measures has been linked to a range of factors, including external auditing, BS7799 certification and post-attack evaluation. In many cases companies were operating wireless networks under the misconception that following best practice alone was enough to guarantee security, whilst others were proactively seeking assistance in response to press coverage of inadvertent wireless networks appearing in organisations.
Many businesses are unaware that the very nature of wireless networks results in company data propagating beyond the walls of their company and it is therefore essential that the fundamental security basics are tested thoroughly.
About Integralis
Since its formation 14 years ago, Integralis has grown to become one of Europe’s leading security systems integrators in the IT and e-commerce security market, measured by revenue and geographic coverage. Integralis enables companies to conduct secure communications and e-commerce transactions via private and public networks. The company offers a broad selection of security services, security products and managed security services. The existing customers of Integralis include government authorities and numerous major European companies, including two thirds of the companies listed on the DAX 30 and half the companies listed on the FTSE 100. Integralis is a part of Articon-Integralis AG since the merger of ARTICON Information Systems AG with Integralis Group.
Additional information is available at www.integralis.com.