http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9028239 By Kathleen Lau July 27, 2007 Computerworld Canada Research In Motion (RIM) shot back at criticism from industry analysts that Wi-Fi security concerns would mean limited enterprise use for its new dual-mode BlackBerry 8820. RIM's 8820 model, released mid-July, offers Wi-Fi in addition to traditional cellular connectivity. The company's director of product management for WLAN and VOIP, Kevin Oerton, said it should make no difference security-wise whether a user is accessing BlackBerry services from home, a hotspot or within the enterprise. He said the BlackBerry Enterprise Server, a wireless platform which acts as the conduit through which all RIM enterprise services are delivered to mobile devices "offers security from the device all the way into the BlackBerry Enterprise Server." In addition, Oerton said the company employs 256-bit AES encryption so transmission and data can't be read. Upon the product release, analysts raised security concerns around the use of Wi-Fi for business, saying Wi-Fi security fears reduced this channel to harmless Web surfing, albeit at a higher throughput. Jon Arnold, principal of Toronto, Ont.-based J. Arnold & Associates, acknowledged the security fears that enterprises would have with public, unlicensed spectrums, like Wi-Fi hotspots. "There's more vulnerability there," he said. Companies likely wouldn't encourage employees to conduct business transactions on e-mail accessed via Wi-Fi, he said. "I don't think you're going to be doing your really sensitive secret stuff over Wi-Fi." Another analyst, expressed concern that the growing number of mobile devices made data leakage easier should devices get lost or stolen. "There will be more things sitting on this device, what happens when it gets stolen?" asked Roberta Fox, senior partner with Mount Albert, Ont.-based Fox Group Telecom Consulting. This increasing dependence on mobile devices to conduct business, she said, would likely mean secure-sensitive corporations, in particular, would likely not embrace the Wi-Fi functionality. Companies should enforce policies around device usage for business, whether cellular or Wi-Fi, Fox suggested. Oerton acknowledged "historical speed bumps" in Wi-Fi security upon which enterprises may be basing their concerns, but believes enterprises now feel very comfortable with the level of security enabled by various technologies out there. In addition, he said, end users most often don't secure their Wi-Fi access points, which is what leads to problems. "That's why it's critical for the device all the way through to the BlackBerry Enterprise Server to provide triple AES encryption independent of whether the users set up Wi-Fi security at home." To ease persistent security concerns, he recommends enterprise customers deploy a virtual private network (VPN) -- often used by organizations for remote access -- in tandem with Wi-Fi rollouts. Although 8820 was designed for the enterprise, Oerton expects adoption to be highest among those industry verticals already known for ubiquitous Wi-Fi use, like health-care, retail, manufacturing and hospitality. "All of these have a need to bring the benefits of IT to a highly mobile workforce," he said. However, he's not excluding an eventual wider adoption: "Benefits of 8820 should bring additional enterprise and industry verticals to the table because of the new benefits that are being made available through Wi-Fi." Earlier Wi-Fi rollouts that initially focused solely on access in conference rooms and visitor lounges is now becoming more ubiquitous across the organizations, said Oerton. _____________________________________________________ Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting. Rates increase on June 1 so register today. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Sun Jul 29 2007 - 23:19:43 PDT