WLAN DISCUSSION
 

WLAN security - in the eye of the beholder?

WLAN security - in the eye of the beholder?

Postby LPhifer » Wed Oct 12, 2011 11:05 am

WLAN security standards and products have made great strides over the last decade. However, security options are still only effective when enabled and properly configured. A study published last week by Wakefield Research illustrates the continuing gap between consumer perception and secure WLAN use:

http://www.wi-fi.org/news_articles.php?f=media_news&news_id=1085

Wakefield interviewed 1000 representative Wi-Fi users to ask about their security beliefs and habits. A whopping 97 percent said the data on their devices and networks is "safe and secure." But many admitted to practices that place that data at risk. Specifically:

* 41 percent do not use Wi-Fi passwords that are strong enough to resist PSK crackers.

* 38 percent let their Wi-Fi devices auto-connect to strangers (unknown ad hocs and APs).

* 82(!) percent use open Wi-Fi hotspots without a VPN to protect their data.

Survey respondents did not appear to be unaware of Wi-Fi risks - just either careless or clueless. 85 percent said they understood Wi-Fi devices shouldn't be configured to auto-connect, and 86 percent said they'd enabled security on their wireless AP or router. Moreover, practices were no stronger among those who had experienced viruses or considered themselves "tech savvy." In short, many Wi-Fi users know better - but still don't take basic steps to safeguard themselves.

The Wi-Fi Alliance sponsored Wakefield's survey as part of its on-going campaign to educate users about Wi-Fi security and make secure WLAN configuration easier (notably through automation via Wi-Fi Protected Setup). But perhaps such steps will never impact that roughly one-third of the population who continue to put themselves at risk.

Perhaps the only way to improve these stats is to enforce secure WLAN use - specifically, by changing auto-connect and PSK factory defaults so that proper configuration is the norm, not the exception. The downside? Wi-Fi devices would no longer connect auto-magically out-of-the-box. At minimum, one unique 8-character password would always be required to get started. But really, is that too much to ask?

I think not. What do you think?
-- Lisa Phifer
User avatar
LPhifer
Registered User
 
Posts: 166
Joined: Fri Jun 25, 2010 10:42 am
Location: Pennsylvania, US

Return to WLAN Security



Who is online

Users browsing this forum: No registered users and 1 guest

 

 

 

 
Read
»
Whitepaper: WLAN Design and Site Survey
 
»
Site Survey Check List
 
»
802.11n Reference Guide
 
Watch
»
RF Basics
 
»
Planning for 802.11n
 
»
Voice-over-Wireless Best Practices
 
 
Home  |  Security Center  |  All Things Wi-Fi  |  Blog  |  Library  |  AirMagnet.com  |  FlukeNetworks.com
© 2006-2013 Fluke Corporation. All rights reserved.