The Network Sweet Spot

Biometric option helps to make wireless networks more secure

THE shelves in the Wi-Fi network candy store are filling up with the newest products fresh from the factory. These products are primed, promising to sweeten every Wi-Fi network administrators' palate with prized, golden tickets of the best Wi-Fi network security features. And biometrics technology seems to be the flavor of choice for network integration.

Amid all of the security threats, breaches and worry, Wi-Fi and mobile devices continue to progress. Laptops have been outselling desktops in the United States for more than a year, according to the research firm Current Analysis. A significant indicator is most likely due to the majority of laptops featuring Wi-Fi capabilities.

However, even with the constant invention and upgrade of Wi-Fi network (WLAN) security, overall public and corporate paranoia about security threats continues to build. Late last year, Gartner, an IT research and advisory company, asked 200 business technology groups in North America and Europe how they felt about WLANs. The response was that 64 percent plan to increase wireless deployments in the next six months; nonetheless, security is still their top concern.

Continued security threats and actual breaches can give cause to worry whether your laptop or PDA is really secure from hackers in a home Wi-Fi network, corporate or public hotspot. Take into consideration that Gartner estimates two-thirds of critical corporate data resides on employee workstations or notebooks, not on servers, intensifying the worry.

According to Computer Associates, a producer of IT management software, almost 85 percent of large U.S. enterprises admit to having suffered an IT security incident over the past 12 months, and the number of breaches continues to rise by 17 percent since 2003.

Amid all of the security threats, breaches and worry, Wi-Fi and mobile devices continue to progress. Laptops have been outselling desktops in the United States for more than a year, according to the research firm Current Analysis. A significant indicator is most likely due to the majority of laptops featuring Wi-Fi capabilities. The proliferation of mobile devices, as well as home, public and enterprise WLANs is sure to continue. According to JiWire, a provider of information and services to help mobile professionals and computer enthusiasts find and connect to the wireless Internet, there was an 87-percent increase in hotspots worldwide from 2004 to 2005.

Yes, mobility is great for the majority of users, but it can be troubling for IT security personnel and the unlucky users who have had their devices and data hacked, cracked, pirated and destroyed. IT professionals are not just concerned about the security of their corporate WLAN, but the many hotspots that mobile employees are working within, including their home WLANs.

Last year, a virus was created that could jump from cell phones to PCs. And, according to McAfee, more than 200 malware programs appeared in 2005 that were designed specifically for mobile devices.

Of course, viruses, malware and spyware are only a few of the security threats, or data destroyers, that the mobile computing society must be prepared for and fight against. Identity theft and corporate terrorism have become very real and tragic events, not just hot buzzwords.

An Armory of Security
Although the growth of Wi-Fi looks promising, manufacturers and service providers are still trying to find security measures that can actually prevent security breaches.

Users want to employ traditional, in-the-box network defense solutions, such as firewalls and VPNs, and be able to layer that with intrusion prevention and authentication on access points and mobile devices.

Even with these measures in place, a major concern is that unauthorized users are able to connect to the network and misuse enterprise resources. Due to such concerns, many enterprises either use the evolving security technology reluctantly or have postponed its use until all security issues are adequately addressed, measures proven, and complexity and costs to implement greatly reduced.

There is a numerous amount of security measures that have been invented and employed, including those based on the 2004 Wi-Fi security standard (the IEEE's 802.11i) and the Wi-Fi Alliance's closely-related implementation protocol, the Wi-Fi Protected Access 2 (WPA2).

Both users and providers can do a lot to layer security measures on a Wi-Fi network, from firewalls to passwords. First, employ the list of security measures that are suggested in manuals that come with access points and other Wi-Fi infrastructure products. Also, consider measures such as using a VPN, keeping a clean wireless networks preferred list, enabling security on your router, picking a new password, enabling Web-mail security, refraining from supplying your SSID, turning on MAC addressing, disabling ad-hoc mode, enabling WPA encryption instead of WEP and disabling remote administration.

Who Are You, Really?
This multi-layered, Wi-Fi security approach still does not answer the question that should be asked of everyone trying to access a network: "Are you really who you say you are?"

Identity management with biometric authentication has evolved as the highest form of security to answer this question. This evolution is helping drive the growth of devices with embedded biometric scanners and plug-and-play, biometric Wi-Fi peripherals. Most of these devices feature scanning technology of the most historically popular human identifier, the fingerprint.

Microsoft, the International Biometric Industry Association (IBIA) and BioAPI are of the entities driving market growth. In fact, Microsoft is integrating biometric authentication technology into its next version of Windows®, which further validates the technology and its broad adoption.

The greatest advantage of biometric identity management technology is based on who you are, rather than what you possess or what you know, such as an ID card or password. Biometrics is not necessarily supposed to replace the existing methods of identification, but to strengthen them or to build upon them.

The use of a fingerprint for authentication has been on the rise, as people have discovered many problems with password and token-based systems. In the last few years, the number of online accounts each user has increased significantly. It is not uncommon for people to have 15 online accounts, and remembering this many passwords is not an easy task, especially for accounts that are not frequently accessed. To solve this problem, people typically write their account information on paper. The difficulty in managing many passwords also results in an increasing number of calls to IT support departments for help. A similar problem occurs with hardware tokens for authentication.

This leaves users carrying many tokens --one for each account. In addition, it is easy to lose hardware tokens. Fingerprint-based authentication provides a solution to all of the problems associated with passwords and hardware tokens. Since fingerprint technology has become affordable and reliable, its use in user authentication is on a rapid rise.

Enter Biometric Fingerprint Technology
Market growth of fingerprint technology also has been dependent on the demand for a quick, cost-effective and secure way to identify people. These demands also are major considerations for Wi-Fi access and use. Recent developments to match these requirements in Wi-Fi network fingerprint technology has produced a DSP-based network authentication device that connects to Wi-F,i WPA-compliant access points.

This Wi-Fi network biometric security device communicates directly with fingerprint readers connected to mobile devices to control access at the first point of contact to the network -- the Wi-Fi access point. SX-650 NetGuard from Silex Technology is the latest in Wi-Fi network biometric security technology.

Wi-Fi network owners need a secure way of authenticating users, not just their equipment, and answer very specifically who is using their equipment to connect to the network, where they are getting access from, and what data they are accessing on the network or on the Internet. Forcing users to physically authenticate themselves using the fingerprint reader helps prevent others from accessing the network while roaming spots such as a campus, house, hotel room, a seat next to you or in a car.

Exponential Acceleration
Biometric fingerprint technology can be used for numerous applications such as financial services for secure checking or ATM transactions or for government employee identification.

Biometrics will continue to evolve and drastically influence many private enterprises and the government. By combining its capabilities and benefits with Wi-Fi, concern over common WLAN security issues concedes to confidence, and both technologies can flourish, even tempting those who do not have a sweet tooth to the Wi-Fi network candy store of innovation.

This article originally appeared in the September 2006 issue of Security Products, pgs. 66-67.

Featured

  • Maximizing Your Security Budget This Year

    The Importance of Proactive Security Measures: 4 Stories of Regret

    We all want to believe that crime won’t happen to us. So, some business owners hope for the best and put proactive security measures on the back burner, because other things like growth, attracting new customers, and meeting deadlines all seem more pressing. Read Now

  • 91 Percent of Security Leaders Believe AI Set to Outpace Security Teams

    Bugcrowd recently released its “Inside the Mind of a CISO” report, which surveyed hundreds of security leaders around the globe to uncover their perception on AI threats, their top priorities and evolving roles, and common myths directed towards the CISO. Among the findings, 1 in 3 respondents (33%) believed that at least half of companies are willing to sacrifice their customers’ long-term privacy or security to save money. Read Now

  • Milestone Announces Merger With Arcules

    Global video technology company Milestone Systems is pleased to announce that effective July 1, 2024, it will merge with the cloud-based video surveillance solutions provider, Arcules. Read Now

  • Organizations Struggle with Outdated Security Approaches, While Online Threats Increase

    Cloudflare Inc, recently published its State of Application Security 2024 Report. Findings from this year's report reveal that security teams are struggling to keep pace with the risks posed by organizations’ dependency on modern applications—the technology that underpins all of today’s most used sites. The report underscores that the volume of threats stemming from issues in the software supply chain, increasing number of distributed denial of service (DDoS) attacks and malicious bots, often exceed the resources of dedicated application security teams. Read Now

Featured Cybersecurity

Webinars

New Products

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3