Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Technology Stocks : 3Com Corporation (COMS) -- Ignore unavailable to you. Want to Upgrade?

To: KyrosL who wrote (34534)	9/25/1999 9:50:00 AM
From: Captain Jack	Respond to of 45548

Sep. 24, 1999 (InternetWeek - CMP via COMTEX) -- Lunching contentedly in the dimly lit environs of Washington's famed Red Sage, a chill ran down my back. The chill wasn't because of the stormy weather that day or from anything two executives from Certicom had said. Rather it came from what they didn't say: whether most businesses have any idea how insecure their wireless communications are. The discussion centered on Certicom's move into the wireless marketplace. Certicom recently received a lot of press because it provides the encryption for 3Com's new Palm VII. We were talking about other wireless activities when the thought struck me. "I wonder," I said, "how many IT managers even know whether their wireless data communications are encrypted." We all thought for a minute. Then I went on: "You know, I'll bet most people don't even think about the fact that their analog cell phones transmit calls completely in the clear and that anyone who wants to can listen in on their conversations." We agreed that many businesses are similarly casual about protecting their data communications. The fact is that many businesses simply ignore security-including communications security-completely. Outside of the financial services industry, how many users encrypt important e-mails, for example? How many people even know how to do so? Most people I've talked to have no idea how to use their encryption software, and most of those don't know whether they even have the means to protect sensitive data. This problem is bad enough in the more traditional computing scenarios in which there's no wireless component. One of the greatest risks when computer equipment is stolen, for example, isn't the loss of the equipment, but rather the loss of data contained in it and the chance that the data might be found by a competitor. Depending on the nature of the business, this can be a significant risk. When the data isn't encrypted, it's there for anyone who wants to look at it, whether it's a thief or a disgruntled employee. The same is true if you add wireless communications, except no one has to steal your computer to get your information. If the wireless data stream isn't encrypted, anyone can receive the signals and read what's in it. All the person has to do is be near you. This lack of security with wireless transmissions applies whether you're working with broadcast services, such as cellular modems, or whether you're using point-to-point data transmission, such as a microwave or laser link. Any of these means of communications can be intercepted easily, with readily available products. So what can you do about it? The first suggestion is to find out whether your communications are already being encrypted. Most wireless network devices have at least minimal encryption. Many people assume their communications are encrypted, but you really need to verify that. Remember, most people think cell phone communications are secure, too, but they're not. The next thing is to look at the type of information you're passing over wireless links and decide whether the current level of encryption is adequate. If you're just surfing the Web, you might not care, but once you start to send sensitive data, such as your customer list or inventory, or to pass other sensitive information, such as credit card numbers, your exposure goes up dramatically. You must be aware if your wireless data isn't encrypted, so you won't use that link for anything sensitive. If it is encrypted, then you need to know how good the encryption is, so you'll know whether it's good enough for what you're sending. You wouldn't want to use the same level of protection for your company's secret product plans as you do for your baseball scores, for example. You should also look for products that are easy to use and fast. Avoid an encryption product that has many extra steps or a big negative impact on performance. What's needed instead is encryption that's built-in and transparent. Then it's always there, and your company's secrets will be safe. Ultimately, the first step is to know exactly what's happening to your wireless data, and it's that important first step that many managers never take. Instead, they assume that it must be OK. Unfortunately, the real beneficiary of such assumptions may be your competitors, as they read your e-mail while it's on its way to you, or worse, while they quietly log onto your wireless network and check out data on your company servers. There's no doubt that wireless communications are convenient, but sometimes that convenience has considerable drawbacks. Wayne Rash is managing editor/technology. He can be reached at wrash@mindspring.com and wrash@cmp.com.