10:10 AM
Listening Post: Questions Around WLANs Linger
The promise of wireless-local-area networks is greater flexibility and faster up-time. But is security tight enough to ensure you're the only one on the line?
When Bear, Stearns & Co. built the 45-floor Manhattan office tower that it recently moved into, the firm made a big bet on wireless that is starting to pay off.
The firm designed its offices with wireless in mind, deploying wireless-local-area networks (WLANs) so that its employees could easily move from one office to another and still maintain connectivity to the firm's network through their laptop computers.
"The building is totally wired for wireless voice and data," says Brian Dillon, managing director at the N.Y. office, who oversees the wireless project. "We thought that wireless voice and data would be one of the convenience networks, but it has proliferated a lot further than we had ever anticipated. The feedback on it is very positive."
"It's still in its infancy," he says, noting that about 5 percent of the firm's 4,200 employees in the N.Y. headquarters use it. "It is used primarily by IT staff and IB (investment banking) staff, since they're the most mobile of our users."
"IT staff are running around taking care of trouble tickets, while IB users are very collaborative ... so they'll be working at their desks, they'll be jumping into conference rooms. What we have done is set up the wireless LAN so they can have access to their data across the building," explains Dillon.
Staff with laptops can obtain a pass code that grants them access to the network, though the percentage of users remains small. Dillon says "one of the reasons it is not a large-scale deployment is because we are not buying a lot of laptops right now due to the economic climate. We are holding off on those purchases at the moment."
The firm has built a number of multi-media presentation rooms that are already set up for wireless. That provides staff with access to things like spreadsheets and roadshow presentations. So if the team is working on a project, members can meet in one of the boardrooms and have access to everything they would if they were sitting at their own desktop. Dillon says that means they can input additional data at any time and easily track down follow-up items. "This gives them the flexibility to get data without having to run back and forth to their desk or carry cables to access the network."
It puts Bear Stearns at the forefront of the wireless revolution. It's a revolution that has, in some circles, hit a brick wall, as a number of financial institutions abandon or cut back their wireless offerings. As well, the Financial Services Technology Consortium, a group of North American financial institutions, technology vendors, independent-research organizations and government agencies that is working to develop interoperable open-standard technologies, has halted work in its wireless projects, because banks are scaling back their wireless initiatives. That impacted projects dealing with security and encryption.
"Customer-facing wireless initiatives have not seen much in the way of consumer adoption," notes Neil Katkov, a senior analyst at Celent Communications in Boston.
Now, the attention seems to be shifting to the enterprise and how firms can deploy wireless to improve their own operations. Firms like Bear Stearns, Fidelity and stock exchanges like the New York Stock Exchange and the American Stock Exchange are actively deploying wireless.
Katkov says that unlike wireless-retail brokerage, wireless in the institutional market "never depended on trading volumes." Rather, it has "more to do with lowering the total cost of ownership for IT, increasing employee productivity and improving services for institutional customers."
That's the case at the Amex, which has recently beefed up its wireless offering, doubling bandwidth capacity from one to two megabytes.
Frank Vento, director of market operations and trading floor systems at the Amex, says his exchange began experimenting with WLANs as early as 1997. It has the Amex wireless data system (AWDS), and the booth automated routing system (BARS), which are designed to serve the traders and firms working that market.
The system supports more than 30 devices and as many as four operating systems. Twenty-four firms are approved to use wireless on the trading floor and there are about 200 users, Vento says. It has replaced the traditional way that traders communicated with their booths, such as hand signals, using runners and shouting. Vento says with handheld devices and wireless headsets, "The chance for errors has decreased greatly."
It's improvements like that which are expected to boost wireless use across the enterprise. Research firm IDC, based in Framingham, Mass., predicts an explosion in WLANs. Worldwide revenue for WLAN equipment makers hit $1.45 billion in 2001, up 34.2 percent from 2000. IDC expects that to grow to $3.72 billion by 2006. Moreover, the global market for wireless and mobile-infrastructure consulting, integration, and management services is expected to rise to $37.42 billion by 2006, a compounded-annual-growth rate approaching 15 percent.
Mike Saldi, president of SCLogic, Inc., a wireless-services firm in Beltsville, Md. that helped the Amex upgrade its network, says, "The biggest thing holding up the wireless network, by far, is security."
A year ago, he says, it would have been cost, but the price for equipment has plummeted and now anybody can easily buy the equipment and install it. But that is precisely the problem - rogue-access points.
Brad Johnson, vice president at SystemExperts Corporation, a Sudbury, Mass. technology firm that specializes in security issues, says WLANs are easy to deploy. "Almost anybody can buy this stuff and install it." Therefore, "It's so cheap, you don't have to go through the normal acquisition chain" and IT administrators "aren't normally involved," resulting in rogue-access points, he explains.
J.P. Tanguay, president of IpEverywhere, a Toronto wireless-solutions firm, agrees that it's easy for someone to set up a WLAN and expose a firm's network. He says employees can set up rogue-access points for a few hundred dollars in the expectation of making their life easier without the IT department knowing about it. That has the effect, he says, of "taking all the work (the IT department) put into securing the network and flushing it down the toilet."
Searching for rogue-access points has become a hobby for many, known as war driving. Access seekers will use portable computers to identify leakage and rogue access. Such exposure can be dangerous for firms, Tanguay says, because the points can be used by spammers for e-mail campaigns or by hackers to launch loss-of-service attacks on Web sites.
Dillon says his firm experienced some security issues primarily with internal rogue users, but they were addressed early in the project. "We used an outside firm to audit our system and we found rogue users could interfere with the production network. In order to deal with that we put out a few corporate mandates prohibiting private-wireless networks."
The firm also encountered some difficulties in setting up the system. "During the site survey, we had to wait until construction was completed, then we noticed a little bit of signal bleeding through the concrete and walls. It turned out people across the street could potentially access the system so we toned down the signal quite substantially." There are also strong authentication and security components in place. "We have treated it just as an external network. You need a secure ID to authenticate and to get on before you can even log on to a domain."
Val Musi of Predictive Systems, Inc., which helped Bear Stearns build its wireless network, says in addition to secure ID, it added a number of security measures. "We built multiple security layers within the wireless network," based on MAC addresses and permissions.
Tanguay says one of the first things a firm needs to do when it comes to wireless is "make sure it's properly installed" and secured. He notes that it's usually left up to the user to enable security functions, and many don't. As well, firms need to make sure they have good authentication and encryption procedures in place.
However, Celent's Katkov says that may still not be enough. "No matter how secure the wireless network, security experts say that perhaps 20 percent of transmitted data is vulnerable" and open "to interception by malefactors." He attributes that to the "take-it-slow approach to deployment" the financial-services industry is following when it comes to wireless.
Isabella Fonseca, a Celent analyst based in Italy, notes that firms can't ignore wireless and it presents some of the "same challenges as wired networks, such as unauthorized access to a computer network or espionage about proprietary data." While it's a "challenge to provide end-to-end security," WLANs provide user mobility, flexibility, and rapid installation. "Today," says Fonesca, "wireless-access networks are convenient and more cost effective than cabled access."