http://www.siliconvalley.com/docs/news/tech/073824.htm BY MARTIN J. MOYLAN Saint Paul Pioneer Press Dec. 24, 2001 SAINT PAUL, Minn. -- Cruising about the Twin Cities, with his wireless laptop on the seat next to him, Brad Rubin can see one business opportunity after another pop up on his computer screen. His laptop, hooked to a homemade antenna housed in a Pringles can, runs sniffer software that detects wireless networks, even those people have tried to hide. Many are not protected by encryption, making it easy for someone with a wireless modem to plug into them and snoop -- or worse, Rubin says. After nearly 20 years of working in the information technology arena in the corporate world, Rubin is trying to establish himself as an independent computer security consultant. With all the concerns these days about data security and privacy, corporate espionage, cyber-vandalism and, possibly, cyber-terrorism, the outlook is good for the information security market, he expects. And he sees wireless security, in particular, as a solid foundation for a business. ``Wireless vulnerabilities have only recently started to receive national attention,'' he says. Many businesses and consumers are connecting their computers with wireless networks. Especially popular are 802.11b (Wi-Fi) networks because they're easy to set up and use. Yet many businesses and consumers don't turn on the encryption systems meant to thwart most snoops. Even when they do turn on built-in encryption programs, skilled hackers may quickly get past them. ``I can take a look from the outside, through the eyes of a cracker, for vulnerabilities,'' Rubin says. ``When people get firewalls, they think they've done what they're supposed to do. But they're (often) not sure what they look like from the outside world.'' On a recent half-hour drive around downtown St. Paul and Minneapolis, Rubin detected 24 wireless networks. Only 14 had encryption turned on. In addition to advising companies about the deployment of new wireless network and security of existing ones, Rubin also sees opportunities in computer forensics, divining what has been done with computers and files produced on them. Companies like to address some issues, such as the theft of trade secrets, quietly, he notes. And police generally don't make investigation of white-collar crimes a priority. ``Computers are increasingly used in crimes, and companies need someone they can turn to other than law enforcement,'' he says. Rubin says his experience in the corporate world prepared him well for his career change. For 15 years, he worked for IBM in Rochester, focusing on projects involving IBM's AS/400 servers. He also led the development of a major IBM Java software program. For the past three years, he was chief technology officer for Imation data storage division and led its R&D team. ``I wanted to take what I've learned about technology, marketing and sales and combine it,'' he says. ``Now, I get to explore fun stuff like this (ferreting out vulnerable wireless networks) and turn it into money.'' His part-time teaching job at the University of Minnesota's Institute of Technology and his children, ages 8 and 11, also make work flexibility and minimal travel important. With Imation, he was often on the road. His biggest challenge is getting potential employers to notice him. ``I have to try to communicate the services I offer and the capabilities I have to the right decision-makers in the Twin Cities -- without a big marketing budget,'' he says. He does have the prerequisite Web site (www.BradRubin.com). In his first three months as a consultant, he's landed several jobs through the Gerson Lehrman Group, which matches IT consultants with mutual fund firms. Companies with and without their own IT staff would find it worthwhile to have outside eyes cast on their computer security efforts, Rubin says. That's evident from all the open wireless networks he's finding. ``For companies that outsource their IT, it's even more important that they verify they're getting appropriate security,'' he says. He sees most of his competition coming from consulting firms, such as Anderson Consulting, which have security practices. He figures he can undercut their prices. But he won't rule out partnerships with them. He knows many execs at those consulting firms through his work at IBM and Imation. Rubin managed his savings and investments so that he can take some time to establish himself as a consultant. ``A lot of people start out undercapitalized and don't pay attention to keeping new business in the pipeline,'' he says. ``A lot of consultants market themselves too broadly. Instead of being very clear and specific about the services they offer, which tends to get better results, they market themselves as jacks-of-all-trades. My goal is to have the greatest expertise in wireless security in the Twin Cities. And I'm giving myself one year to achieve success.'' - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Dec 25 2001 - 05:58:42 PST