Wireless Technology Used in Business Applications - Case Study Example

Wireless Technology used in Business Applications of More information This paper is a research on "Wireless Technologies" which includes wireless vulnerabilities, strengths, and weakness, future and security issues used in business applications. A review will be made on wireless technology and current issues in wireless based business applications. The paper also ends with some helpful recommendations for IT managers regarding the use of wireless technology in business applications. The tendency to use e-business applications using wireless access is rapidly increasing since the mobile workforce and customers need for "anywhere/anytime" access is rapidly increasing. Nevertheless, even usual e-mail applications corresponds as a security threat for a potential enterprise if hackers gain the access to the network, or feed the network with viruses or other malicious software. IT managers must carefully appraise security risks involved with wireless applications and try to maintain proper security for the networks as is needed. This paper will address the issues regarding wireless technology and tries to discuss the positive and negative points of using this technology for business purposes. Cellular systems were begin to be used more than a quarter of centaury ago and since that time, IT managers realized that the Advanced Mobile Phone System (AMPS) standard was not secure enough for authentication purposes because of caller fraud which was going to be increased. (Kurose, 2004) By the appearance of Cellular Digital Packet Data (CDPD) which provided 128-bit encryption for security purposes and Global System for Mobile communications (GSM) provided encryption and the implementation of user authentication techniques as part of the wireless standard, security flaws also appeared and IT managers faced with unlawful use of communications by un-authorized users, so new standards were defined. Code Division Multiple Access (CDMA) which specifies an unequalled code to each data packet and then disperses the packets thorough the air made it difficult for hackers to intercept the packages and brought more security for the devices which were designed to benefit from the wireless technology such as PDAs, Cell Phones and Laptops. (Kurose,2004) However the more technology improved, more and easier ways to intercept a wireless based structure appeared and this resulted companies to seek for more improved security if they wished to deploy their wireless networks. At the same time the wireless data networking is earning most of the marketplace notice, IT managers and the organizations which employ this technology are dealing with wireless security challenges.(Tanenbaum,2006) Since all the voice and data is transmitted through air as a medium, the security challenge is increasing. This leads to a position that offers substantial impulsion for IT managers to start evaluating and re-designing their wireless security plans and strategies. Wireless technology has been used in home and business for a few years, and a number of endeavors is accomplished to provide an integrated security standard that come across our needs. Security measurements have been improved several times to meet our need for wireless technology both at home or business, but since the 802.11i standard has been defined, IT managers had always discovered notable lacks that prevented them to implement WLAN in the market. In not so far past, WEP was the well known standard for security in business wireless applications. Unluckily, the hurry in producing a security resolution for 802.11 intended that it could not have an important amount of revaluation. More analysis showed that the WEP protocol has fundamental security faults which allow hackers easily enter to a wireless network. There were a few security issues discovered in data transmission. First, encryption keys were statically designed, this means that if a hacker could crack the network, he could simply de-encrypt the data transmitted on the network until the IT manger found that the network is cracked or remembered that the keys need to be refreshed frequently since it is not dynamic and needs change. So, if hackers could discover the key, they could simply change the data and re-encrypt it, and then transfer it to another legal user on the network. Because of these security flaws, we can simply realize that the chance of being under attack even by a child using simple downloadable software from the internet could be really high. Now what will happen if we decide to use the WEP as a security measurement for business applications inside our company?! A second problem happened in using WEP was regarding the authentication. The key for each device could not be changed easily and this meant that the chance of using similar keys by several access points in a company was high. So two networks belonged to two different company could overlap at gain access to any computer in the networks easily. The limitation and security flaws in WEP security demanded more development and more security measures which leaded to new standards like WPA. WPA or Wi-Fi Protected Access was a new standard that could resolve the issues in WEP in two ways. It improved the key specification system and encryption method and resolved the authentication problem. It helped a lot the companies with their security in data transmission between their applications. However since WPA was almost a fix package for WEP, many companies realized that WPA cannot be the ultimate solution for wireless technology, specially for wireless business applications. After the security flaws were uncovered in WEP, a vast number of companies decided to integrate WLAN security measures by the IEEE 802.11 working groups and the Wi-Fi confederation altogether. The idea of merging these two technologies was that the maximum security solutions which could be discovered in Virtual Private Networking (VPN). VPN uses the IPSec as the IETF standard and it has been under alternation for a long time and these revisions has provided a rich security standard that brings exceeding data privacy, authentication, and access control for networks which have IP-based traffic, without the need to consider the type of medium which is cable or air. To implement such a secure business system, companies need to install a VPN client software on each wireless client. The integration of VPN technology allowed WLAN devices to simply transmit the data as usual but enhanced the security in wireless business applications to a high level. However, there were some problems regarding the use of this merged technology. IPSec was planned to supply security within a completely different architecture in comparison to wireless LAN networks architecture. VPN is supposed to give encrypted access to the users outside the network using firewall rules. Considering the VPN, the users who use wireless technology are actually behaved as being external to the office network no matter if they are legally a member of the net. Thus, there are also problems with the performance of applications in the current security plan. The access rights will be almost very different for wireless devices using both WEP and VPN together in comparison to wired users. As a result, if we have a wireless device as a part of a LAN the same as a wired accessed device in exactly the same office, the way both devices gain the access to the network and the privileges are completely different. The use of VPN technology is a very good idea but it will increase the complexity of the network design and rise many problems if we need to modify the network design. In order for a device to be in the VPN based network, the user needs to install a VPN client software and needs to configure special settings for the device to be able to gain the access to the network. This client software needs to be restarted each time the device wants to connect to the network. End-users will discover this process complicated and boring. The other problem with the VPN solution is the high cost of implementation for this system. In order to setup a VPN based security, IT managers need to spend more money in addition to the costs for setting up their wireless network. The IEEE was capable to acquire from the defects of past wireless security standards and deploy now-proven wired security technologies to finally introduce 802.11i standard for WLAN security three years ago. 802.11i gives wireless devices an improved authentication and encryption technology that meet the business requirements for security. In a short time after this standard was introduced, the WiFi confederation introduced WPA2 which was compatible with the 802.11i standard. 802.11i uses two new and improved authentication techniques, and these are implemented in WPA2 as two “modes”. WPA2 “Enterprise Mode” uses the same RADIUS-based 802.1X structure used in the original WPA. “Personal Mode” includes a scaled-down solution which is useful for small office and for home based wireless networks which only asks the users the pre-shared key of the network to gain the access. Therefore, we can conclude that businesses rather to employ the enterprise mode of WPA2 as the ultimate and final solution for wireless security purposes. (Willig,2004) WPA2 benefits from two encryption methods defined in 802.11i standards, TKIP and the CCMP. CCMP provides a robust enhancement to the security of wireless networks by using advanced encryption algorithm called AES which is completely enhanced and different from what was previously in original WPA. The mechanism uses hashing algorithms in addition to encryption algorithms, so the security quality is assured. We can say that presently, CCMP is recognized as the best security solution for enterprises since it meets necessary enterprise security standards needed. 802.11i also benefits from a key caching technology – which enables users of a network who are temporarily disconnected to gain the access to the network easily– and pre-authentication, which gives the network access point the ability of having seamless roaming. Both of these capabilities are needed for highly secured business applications such as Voice over Wireless LAN (VoWLAN). Therefore we can conclude that WPA2 Enterprise mode which benefits from 802.11i standard is presently the best option for IT managers who want to use wireless business application and provide maximum security for their networks. In addition to use the most advanced standard for the security purposes in wireless applications which isWPA2 as mentioned above there are also key points for IT managers to consider when they are setting up a wireless network. For example, network administrators are always asked to change the default administrator passwords on their wireless access points since the name of “admin” and probably the same word as a password is often used by the companies who manufacture these devices and anyone within the range of these devices may gain the access to the control panel of access points and simply gain the control of the network. At the most of this paper we discussed the issues regarding encryption techniques which are essential for wireless communications for example in office and for enterprise purposes and we recommended WPA2 enterprise mode. In the control panel of each access point such as a router, there is section for security that enables the devices to turn on the encryption and select one of the WEP, WPA or WPA2 or more recent methods and the administrator selects the best that knows all the devices in the network are compatible with. There are also more options for more security such as hiding the network SSID by turning the SSID broadcast off which does not give the name of the network to any computer within the range of wireless signals. In WiFi wireless networking, the router or other access point device broadcasts the name of the network from time to time and SSID broadcast is turned on by default. This causes hackers within the range of network to easier log in to the network, so in an office, the network should disable the SSID broadcast. It is a good idea to specify the IP range for the devices. For example if there are 20 wireless devices in the network, restricting the range of IPs to 20 causes more wireless devices not to be able to enter the network at least till one or more of the devices quit the network. Most of the access points are set to assign dynamic IP for devices on the network. This causes a very simple way for the devices to enter and leave the network but it is recommended to use dynamic IP in home environments. In case of business applications, it is better to assign static IP to the devices and not to use DHCP technology. DHCP can be used easily for a network and the setup is so simple but this convenience causes more attacks to the enterprise network. So, the IT manager or network administrator should turn off DHCP on any access point or router and set a fixed IP for any device and try to restrict the range of IP addresses as described above. DHCP is a protocol that assigns a unique IP address to each computer which enters the network and it releases this IP address when the computer leaves. Each time the computer wants to enter the network, the IP becomes new again by DHCP. (Tanenbaum, 2006) This causes ease of access to the network both for enterprise and the attackers, so it is recommended not to use DHCP protocol as a way to give access to computer network specially at the office or enterprise for security reasons. The other good option to be considered for wireless network security is the control on the range of signals by removing the extend range option on the control panel of a router and to place the router or other access points at the center of the building.(Khan, 2006) Wireless networks usually have a broad range which includes neighbor buildings or enterprises and streets. Placing a wireless network at the center of the office helps all the devices to receive more strength signals and have a better connection speed. Also it prevents the networks of neighbor enterprises to more overlap. It is also recommended to turn off wireless access points when the network usage is zero for example the nights that the office is closed or the weekends or during Christmas holidays. Shutting down the wireless network when no one is using the network or at least wireless network can prevent the attackers to enter the network. As the final recommendation for IT managers, it is always a good idea to use firewalls for any device on the network which can control the inbound and outbound traffics easily. WiFi signals are more extended in range and this causes more wireless devices to be at the range of the network which is equal to more possible attacks. (Khan, 2006) So, firewall is an excellent idea to protect the enterprise network. Most of the advanced wireless access points have built in firewalls but there is an option to enable or disable this ability. Network administrators must make sure the firewall is turned on. It is recommended to use more firewalls on the network too. Enabling firewall on each device on the network protects the network or at least the single computer which has a firewall installed on. References James F. Kurose and Keith W (May 2004).Computer Networking: A Top-Down Approach (4th Edition) ISBN-10: 0321227352, ISBN-13: 9780321227355,Addison-Wesley Karl.H and Willig.A (2004) , Protocols and Architectures for Wireless Sensor Networks. ISBN: 978-0-470-09510-2, John Wiley & Sons, Inc. Khan.J and Khwaja.A (2003) Building Secure Wireless Networks with 802.11,5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8, 0-471-23715-9. John Wiley & Sons, Inc. Tanenbaum.A.S. (2006) Computer Networks (4th Edition), ISBN-13: 97843438827355 Addison-Wesley Yi-Bing Lin and Imrich Chlamtac (2007), Wireless and Mobile Network Architectures, (3th Edition), ISBN-13: 978465388749435 Addison-Wesley Read More