make sure you’re using the best technology and the right procedures.
by rick telberg
bay street group llc
hewlett-packard
while a strong case can be made for the moving to wireless networking, public fears about security breaches in an un-cabled world go double for accountants responsible for their, their firm’s or their clients’ data. when you implement wireless networking, it’s up to you on whether to inform others about the move. but either way, be prepared for questions about the security of wireless networking systems.the good news is that advanced encryption technologies are making it very difficult for hackers, and that practitioners with mobile devices on the road or in the home are being trained to lock them down to prevent break-ins.
the bad news is the basic nature of wireless ? sending data through radio waves in the air ? makes the networks vulnerable to attack by anyone with a computer equipped with the right network card and makes the data accessible to anyone equipped with a cheap antenna system. while they can it make it impossible for the hackers to understand what data they steal, wireless networks cannot block anyone from intercepting a broadcast.
that makes it essential that the network and all its portable devices employ the latest industry standard for encryption, which encodes data to prevent unauthorized access, and the latest standard for authenticating users. fyi: the state-of-the-art standard for user authentication is 802.1x and for encryption, it’s wifi protected access or wpa.
the second essential to wireless safety is an enterprise security program that among other things monitors how employers access data so you can pinpoint and fortify the areas most vulnerable to attack. and like all security efforts, it should include plans for backing up and making mission critical data immediately available after a security breach.
it’s important that the vendor and/or dealer of your networking equipment is well versed in security standards and can provide you with ongoing advice on security and on developing your plan.
monitoring of break-in attempts and applying added security when specific vulnerabilities are detected is a key item for cpas. “we’re convinced if we actively track security, the risk is manageable,” a chief information officer of a regional cpa firm with an advanced wireless networking system told us.
training staff, particularly road warriors and telecommuters, is also critical. for example, while laptop users may think that access to their networks is limited to span from which their laptop gets access, hackers with a $20 directional antenna can access it from miles away.
employees working at home should be regularly cautioned to adhere to the security practices used in the office and your it staff must ensure that the telecommuters working with the home internet connections do not unexpectedly expose data when transferring it between computers.
the biggest security issue in wireless seems to be treating the systems as though they are wired. the systems by their very nature are more vulnerable and require more proactive measures by management and cooperation from staff.