Unauthorized Wireless Users Strain Corporate Networks
IT managers say rogue installations pose security risks, complicate support
End users are driving much of the mobile and wireless innovation inside companies, which can cause security, support and management problems -- especially when devices and applications not sanctioned by IT departments find their way onto networks. That was one of the messages from IT managers who attended Computerworld's second annual Mobile & Wireless World conference here last week. The event, which attracted about 244 registrants from user companies, put a spotlight on the havoc that can be caused by rogue users of wireless LANs. 'Maddening' Problem "The problem of rogue employees is maddening. It'll drive you crazy," said Marc Simms, director of IT at Shared PET Imaging LLC. Simms is part of a small IT support team that serves 110 employees at the Canton, Ohio-based company, which provides medical scanning services to hospitals. The IT staff ran into problems when end users began bringing in their own mobile equipment. "They were bringing their own laptops in, their own handhelds, different types of PDA devices," Simms said. "It became a support nightmare." He solved the problems by working with users to define their requirements and then with Shared PET's hardware supplier, Dell Inc., to standardize systems to meet the requirements. In the process, he provided workers with wireless access, which quickly raised the issue of security. Simms said he dealt with the security concerns by using Firetide Inc.'s mesh networks, which use proprietary technology to "lock in" network devices so they can communicate only with one another. Larger companies face the same kind of problems. For example, Colin Seward, an IT manager at Cisco Systems Inc., said the networking vendor has launched a program called Cisco Pocket Office Services to manage different kinds of mobile devices. Cisco "recognized that we had to support these devices [because] they were just coming into our organization anyway," he said. The Pocket Office program certifies what devices are supported and requires users to register ones they buy themselves and agree to terms-of-use conditions, Seward said. It also provides remote management of the devices, including software upgrades and security services, as well as the ability to block network access for those that are lost or stolen. Richard Stone, wireless and mobility solutions manager at Hewlett-Packard Co., said IT managers often aren't proactive enough. Their attitude, he said, is one of resignation: "Wireless is insecure, so we've decided to do nothing." But end users aren't standing still, Stone warned. Sales statistics show that half of HP's iPaq handheld PCs are bought through the retail channel, he said, adding that it's not uncommon for companies to see unsanctioned WLAN connections popping up on their networks. "Start to set standards today," Stone advised. Beyond that, IT managers should sniff out any unauthorized WLANs and either shut them down or show users how to set them up properly, he said. Such actions are needed because the benefits of introducing mobile and wireless technology to corporate networks are so compelling, Stone noted. He described an HP program to equip 1,200 customer service engineers with notebook PCs and wireless network cards. HP estimated that the project would provide a return on investment of $2.1 million, but the actual ROI turned out to be $8.6 million, Stone said.
Reproduced from an article published by Computer World
© Computer World
The original article can be viewed here:
http://www.computerworld.com/mobiletopics/mobile/story/0,10801,93530,00.htm...
Permalink Bookmark Digg this story
